|
|
Log in / Subscribe / Register

libxml: multiple vulnerabilities

Package(s):libxml CVE #(s):CVE-2009-2414 CVE-2009-2416
Created:August 11, 2009 Updated:September 22, 2010
Description: From the Red Hat advisory:

A stack overflow flaw was found in the way libxml processes the root XML document element definition in a DTD. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service (application crash). (CVE-2009-2414)

Multiple use-after-free flaws were found in the way libxml parses the Notation and Enumeration attribute types. A remote attacker could provide a specially-crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service (application crash). (CVE-2009-2416)

Alerts:
Gentoo 201009-07 libxml2 2010-09-21
Mandriva MDVSA-2009:200-1 libxml 2009-12-04
SuSE SUSE-SR:2009:015 OpenOffice_org, OpenOffice_org-math, dnsmasq, gnutls, ia32el, ib-bonding-kmp-rt/kernel-rt, libxml, opera, perl-IO-Socket-SSL, xen 2009-09-15
Fedora FEDORA-2009-8582 libxml 2009-08-15
Fedora FEDORA-2009-8594 libxml 2009-08-15
Fedora FEDORA-2009-8580 mingw32-libxml2 2009-08-15
Debian DSA-1861-1 libxml 2009-08-13
Fedora FEDORA-2009-8491 libxml2 2009-08-11
Fedora FEDORA-2009-8498 libxml2 2009-08-11
Mandriva MDVSA-2009:200 libxml 2009-08-12
Ubuntu USN-815-1 libxml2 2009-08-11
CentOS CESA-2009:1206 libxml libxml2 2009-08-10
Debian DSA-1859-1 libxml2 2009-08-10
Red Hat RHSA-2009:1206-01 libxml 2009-08-10
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds