CVE Reference: CVE-2008-4225

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-4225

Description:
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/usn-673-1

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1

ST
  1021239

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473974

SAID
  Secunia Advisory: SA33792
  Secunia Advisory: SA32974
  Secunia Advisory: SA33417
  Secunia Advisory: SA32811
  Secunia Advisory: SA32807
  Secunia Advisory: SA32802
  Secunia Advisory: SA32773
  Secunia Advisory: SA32766
  Secunia Advisory: SA32764
  Secunia Advisory: SA32762
  Secunia Advisory: SA35379
  Secunia Advisory: SA36173
  Secunia Advisory: SA36235
  Secunia Advisory: SA34247
  Secunia Advisory: SA33746

REDHAT
  http://www.redhat.com/support/errata/RHSA-2008-0988.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6415
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10025
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6234

OSVDB
  49992

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2008:231

GENTOO
  http://security.gentoo.org/glsa/glsa-200812-06.xml

FEDORA

DEBIAN
  http://www.debian.org/security/2008/dsa-1666

CONFIRM
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1
  http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm
  http://support.apple.com/kb/HT3613
  http://support.apple.com/kb/HT3639
  http://www.vmware.com/security/advisories/VMSA-2009-0001.html
  http://support.avaya.com/elmodocs2/security/ASA-2009-002.htm
  http://wiki.rpath.com/Advisories:rPSA-2008-0325

BID
  32331

APPLE
  http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
  http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html


Return to the previous page.