|Created:||February 26, 2004||Updated:||August 19, 2009|
|Description:||Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.|
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds