LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libxslt: heap buffer overflow

Package(s):libxslt CVE #(s):CVE-2008-2935
Created:July 31, 2008 Updated:October 27, 2008
Description: From the Red Hat alert: A heap buffer overflow flaw was discovered in the RC4 libxslt library extension. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute arbitrary code with the privileges of the application using the libxslt library to perform XSL transformations on untrusted XSL style sheets.
Alerts:
rPath rPSA-2008-0306-1 2008-10-27
Fedora FEDORA-2008-7062 2008-08-07
Ubuntu USN-633-1 2008-08-01
CentOS CESA-2008:0649 2008-07-31
Fedora FEDORA-2008-7029 2008-08-07
Mandriva MDVSA-2008:160 2007-08-01
Debian DSA-1624-1 2008-07-31
Gentoo 200808-06 2008-08-06
Red Hat RHSA-2008:0649-01 2008-07-31
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds