LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libxml: multiple vulnerabilities

Package(s):libxml CVE #(s):CVE-2009-2414 CVE-2009-2416
Created:August 11, 2009 Updated:September 22, 2010
Description: From the Red Hat advisory:

A stack overflow flaw was found in the way libxml processes the root XML document element definition in a DTD. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service (application crash). (CVE-2009-2414)

Multiple use-after-free flaws were found in the way libxml parses the Notation and Enumeration attribute types. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service (application crash). (CVE-2009-2416)

Alerts:
Gentoo 201009-07 2010-09-21
Mandriva MDVSA-2009:200-1 2009-12-04
SuSE SUSE-SR:2009:015 2009-09-15
Fedora FEDORA-2009-8582 2009-08-15
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8580 2009-08-15
Debian DSA-1861-1 2009-08-13
Fedora FEDORA-2009-8491 2009-08-11
Fedora FEDORA-2009-8498 2009-08-11
Mandriva MDVSA-2009:200 2009-08-12
Ubuntu USN-815-1 2009-08-11
CentOS CESA-2009:1206 2009-08-10
Debian DSA-1859-1 2009-08-10
Red Hat RHSA-2009:1206-01 2009-08-10
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds