VMware Security Advisory - VMware has released an updated libxml2 package that addresses a security issue.
ed141f3aa3ca6b4769627753a0c155bb551d3e39d4015808eca865ffbc63fa7aGentoo Linux Security Advisory GLSA 200801-20 - Brad Fitzpatrick reported that the xmlCurrentChar() function does not properly handle some UTF-8 multibyte encodings. Versions less than 2.6.30-r1 are affected.
d6466747edb2f89a080dd704e0be88ffce90ac3b25a92c2870b67b772a5790d5Ubuntu Security Notice 569-1 - Brad Fitzpatrick discovered that libxml2 did not correctly handle certain UTF-8 sequences. If a remote attacker were able to trick a user or automated system into processing a specially crafted XML document, the application linked against libxml2 could enter an infinite loop, leading to a denial of service via CPU resource consumption.
1a16467959b4a330c461e429f40ac7c5b93981834369266667dca5a9d54d85f7Debian Security Advisory 1461-1 - Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2, the GNOME XML library, validate UTF-8 correctness insufficiently, which may lead to denial of service by forcing libxml2 into an infinite loop.
2bbc3fa2b0758e79588a696950f034e141bb876356c2272039fa877fb0f10858Mandriva Linux Security Advisory - A denial of service flaw was discovered by the Google Security Team in the way libxml2 processes malformed XML content. This flaw could cause the application to stop responding.
6cdd88c8f7950f9c5bf57f41333ce3e314f229cf75e3b5c900e6dbd6f212d550
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed