LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libxml2: code execution

Package(s):libxml2 CVE #(s):CVE-2010-4008
Created:November 11, 2010 Updated:December 8, 2010
Description:

From the Ubuntu advisory:

Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.

Alerts:
Scientific Linux SL-libx-20111206 2011-12-06
Red Hat RHSA-2011:1749-03 2011-12-06
Gentoo 201110-26 2011-10-26
SUSE SUSE-SR:2010:023 2010-12-08
openSUSE openSUSE-SU-2010:1004-1 2010-12-02
Debian DSA-2128-1 2010-12-01
Mandriva MDVSA-2010:243 2010-11-29
Ubuntu USN-1016-1 2010-11-10
Red Hat RHSA-2012:0017-01 2012-01-11
CentOS CESA-2012:0017 2012-01-11
Scientific Linux SL-libx-20120112 2012-01-12
Oracle ELSA-2012-0017 2012-01-12
Oracle ELSA-2012-0324 2012-03-09
Red Hat RHSA-2013:0217-01 2013-01-31
CentOS CESA-2013:0217 2013-02-01
Oracle ELSA-2013-0217 2013-02-01
Scientific Linux SL-ming-20130201 2013-02-01
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds