CVE-2007-6284 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6284
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6284

Description: The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

CVE Status: Candidate

References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-569-1 SUSE http://www.novell.com/linux/security/advisories/suse_security_summary_report.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1 ST 1019181 SAID Secunia Advisory: SA28450 Secunia Advisory: SA28475 Secunia Advisory: SA28466 Secunia Advisory: SA28470 Secunia Advisory: SA28458 Secunia Advisory: SA28452 Secunia Advisory: SA200800036 Secunia Advisory: SA28439 Secunia Advisory: SA28444 Secunia Advisory: SA28636 Secunia Advisory: SA28716 Secunia Advisory: SA28740 Secunia Advisory: SA29591 Secunia Advisory: SA31074 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0032.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5216 MLIST http://lists.vmware.com/pipermail/security-announce/2008/000009.html MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:010 GENTOO http://security.gentoo.org/glsa/glsa-200801-20.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1461 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=202628 http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm http://www.xmlsoft.org/news.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/490306/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/486410/100/0/threaded BID 27248 APPLE http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html

Return to the previous page.