Vulnerabilities > CVE-2008-4225 - Numeric Errors vulnerability in Xmlsoft Libxml 2.7.2

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
xmlsoft
CWE-189
nessus

Summary

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

Vulnerable Configurations

Part Description Count
Application
Xmlsoft
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_126357-06.NASL
    descriptionSun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Apr/23/11
    last seen2020-06-01
    modified2020-06-02
    plugin id107950
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107950
    titleSolaris 10 (x86) : 126357-06
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(107950);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2008-2945", "CVE-2008-3529", "CVE-2008-4225", "CVE-2008-4226", "CVE-2009-0169", "CVE-2009-0170", "CVE-2009-0348", "CVE-2009-2268", "CVE-2009-2712", "CVE-2009-2713", "CVE-2011-0844", "CVE-2011-0847", "CVE-2011-3506");
    
      script_name(english:"Solaris 10 (x86) : 126357-06");
      script_summary(english:"Check for patch 126357-06");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 126357-06"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Sun Java System Access Manager 7.1 Solaris_x86.
    Date this patch was last updated by Sun : Apr/23/11"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/126357-06"
      );
      script_set_attribute(attribute:"solution", value:"Install patch 126357-06");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 79, 119, 189, 200, 255, 264, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:126357");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/04/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    showrev = get_kb_item("Host/Solaris/showrev");
    if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
    os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
    if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
    full_ver = os_ver[1];
    os_level = os_ver[2];
    if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
    package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
    if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
    package_arch = package_arch[1];
    if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch);
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamclnt", version:"7.1,REV=06.11.22.00.23") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamcon", version:"7.1,REV=06.11.22.00.22") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamconsdk", version:"7.1,REV=06.11.22.00.22") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamdistauth", version:"7.1,REV=06.11.22.00.23") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamext", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamfcd", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWampwd", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamrsa", version:"7.1,REV=06.06.28.17.03") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsam", version:"7.1,REV=06.11.20.12.26") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsci", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsdk", version:"7.1,REV=07.01.18.06.04") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsdkconfig", version:"7.1,REV=06.12.15.12.35") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsfodb", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsvc", version:"7.1,REV=06.12.19.15.12") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamsvcconfig", version:"7.1,REV=06.11.20.12.28") < 0) flag++;
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"126357-06", obsoleted_by:"", package:"SUNWamutl", version:"7.1,REV=07.01.18.05.38") < 0) flag++;
    
    if (flag) {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : solaris_get_report()
      );
    } else {
      patch_fix = solaris_patch_fix_get();
      if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
      tested = solaris_pkg_tests_get();
      if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWamclnt / SUNWamcon / SUNWamconsdk / SUNWamdistauth / SUNWamext / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBXML2-5799.NASL
    descriptionlibxml2 could run into an endless loop when processing specially crafted XML files (CVE-2008-4225)
    last seen2020-06-01
    modified2020-06-02
    plugin id34983
    published2008-12-01
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34983
    titleopenSUSE 10 Security Update : libxml2 (libxml2-5799)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS7_123919.NASL
    descriptionSun Management Center 3.6.1: Patch for Solaris 7. Date this patch was last updated by Sun : Dec/01/09
    last seen2020-06-01
    modified2020-06-02
    plugin id23690
    published2006-11-20
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23690
    titleSolaris 7 (sparc) : 123919-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_120954.NASL
    descriptionAM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 This plugin has been deprecated and either replaced with individual 120954 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id36756
    published2009-04-23
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=36756
    titleSolaris 10 (sparc) : 120954-12 (deprecated)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_126357.NASL
    descriptionSun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen2016-09-26
    modified2011-09-18
    plugin id30014
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30014
    titleSolaris 5.9 (x86) : 126357-03
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-10000.NASL
    descriptionThis library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. Update Information: Fixes a couple of security issues when overflowing text data size of buffer size.
    last seen2016-09-26
    modified2012-10-01
    plugin id37490
    published2009-04-23
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=37490
    titleFedora 10 2008-10000
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_120955-12.NASL
    descriptionAM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen2020-06-01
    modified2020-06-02
    plugin id107871
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107871
    titleSolaris 10 (x86) : 120955-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_120954.NASL
    descriptionAM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen2020-06-01
    modified2020-06-02
    plugin id37533
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37533
    titleSolaris 9 (sparc) : 120954-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_127681.NASL
    descriptionSun Management Center 4.0: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id67167
    published2013-07-03
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67167
    titleSolaris 9 (sparc) : 127681-07
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_123923.NASL
    descriptionSun Management Center 3.6.1: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09 This plugin has been deprecated and either replaced with individual 123923 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id37632
    published2009-04-23
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=37632
    titleSolaris 10 (sparc) : 123923-12 (deprecated)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBXML2-5802.NASL
    descriptionlibxml2 could run into an endless loop when processing specially crafted XML files. (CVE-2008-4225)
    last seen2020-06-01
    modified2020-06-02
    plugin id35320
    published2009-01-08
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35320
    titleSuSE 10 Security Update : libxml2 (ZYPP Patch Number 5802)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-9729.NASL
    descriptionFixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34830
    published2008-11-21
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34830
    titleFedora 8 : libxml2-2.7.2-2.fc8 (2008-9729)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_127682.NASL
    descriptionSun Management Center 4.0: Patch for Solaris 9_x86. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id67170
    published2013-07-03
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67170
    titleSolaris 9 (x86) : 127682-07
  • NASL familyWindows
    NASL idSAFARI_4.0.NASL
    descriptionThe version of Safari installed on the remote Windows host is earlier than 4.0. It therefore is potentially affected by numerous issues in the following components : - CFNetwork - CoreGraphics - ImageIO - International Components for Unicode - libxml - Safari - Safari Windows Installer - WebKit
    last seen2020-06-01
    modified2020-06-02
    plugin id39339
    published2009-06-09
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39339
    titleSafari < 4.0 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0988.NASL
    descriptionUpdated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34811
    published2008-11-18
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34811
    titleRHEL 2.1 / 3 / 4 / 5 : libxml2 (RHSA-2008:0988)
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2009-0001.NASL
    descriptiona. Loading a corrupt delta disk may cause ESX to crash If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. A corrupt VMDK delta disk, or virtual machine would have to be loaded by an administrator. VMware would like to thank Craig Marshall for reporting this issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4914 to this issue. b. Updated Service Console package net-snmp Net-SNMP is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially- crafted request could cause the snmpd server to crash. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue. c. Updated Service Console package libxml2 An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4226 to this issue. A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4225 to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id40387
    published2009-07-27
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40387
    titleVMSA-2009-0001 : ESX patches address an issue loading corrupt virtual disks and update Service Console packages
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200812-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200812-06 (libxml2: Multiple vulnerabilities) Multiple vulnerabilities were reported in libxml2: Andreas Solberg reported that libxml2 does not properly detect recursion during entity expansion in an attribute value (CVE-2008-3281). A heap-based buffer overflow has been reported in the xmlParseAttValueComplex() function in parser.c (CVE-2008-3529). Christian Weiske reported that predefined entity definitions in entities are not properly handled (CVE-2008-4409). Drew Yao of Apple Product Security reported an integer overflow in the xmlBufferResize() function that can lead to an infinite loop (CVE-2008-4225). Drew Yao of Apple Product Security reported an integer overflow in the xmlSAX2Characters() function leading to a memory corruption (CVE-2008-4226). Impact : A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2, possibly resulting in the exeution of arbitrary code or a high CPU and memory consumption. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id35023
    published2008-12-03
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35023
    titleGLSA-200812-06 : libxml2: Multiple vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0988.NASL
    descriptionUpdated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id37692
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37692
    titleCentOS 3 / 4 / 5 : libxml2 (CESA-2008:0988)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_120954-12.NASL
    descriptionAM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen2020-06-01
    modified2020-06-02
    plugin id107369
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107369
    titleSolaris 10 (sparc) : 120954-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_126356-06.NASL
    descriptionSun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Apr/23/11
    last seen2020-06-01
    modified2020-06-02
    plugin id107450
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107450
    titleSolaris 10 (sparc) : 126356-06
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_126356.NASL
    descriptionSun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen2016-09-26
    modified2011-09-18
    plugin id44085
    published2010-01-20
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=44085
    titleSolaris 5.9 (x86) : 126356-03
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-673-1.NASL
    descriptionDrew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. (CVE-2008-4225) Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service. (CVE-2008-4226). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id36916
    published2009-04-23
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36916
    titleUbuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libxml2 vulnerabilities (USN-673-1)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_123922.NASL
    descriptionSun Management Center 3.6.1_x86: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id67169
    published2013-07-03
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67169
    titleSolaris 9 (x86) : 123922-11
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1666.NASL
    descriptionSeveral vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4225 Drew Yao discovered that missing input sanitising in the xmlBufferResize() function may lead to an infinite loop, resulting in denial of service. - CVE-2008-4226 Drew Yao discovered that an integer overflow in the xmlSAX2Characters() function may lead to denial of service or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id34810
    published2008-11-18
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34810
    titleDebian DSA-1666-1 : libxml2 - several vulnerabilities
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_126356.NASL
    descriptionSun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen2018-09-01
    modified2018-08-22
    plugin id30007
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30007
    titleSolaris 5.10 (sparc) : 126356-03
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_LIBXML2-081107.NASL
    descriptionlibxml2 could run into an endless loop when processing specially crafted XML files (CVE-2008-4225)
    last seen2020-06-01
    modified2020-06-02
    plugin id40057
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40057
    titleopenSUSE Security Update : libxml2 (libxml2-314)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2009-0018.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Add bug347316.patch to backport fix for bug#347316 from upstream version - Add libxml2-enterprise.patch and update logos in tarball - Fix a couple of crash (CVE-2009-2414, CVE-2009-2416) - Resolves: rhbz#515236 - two patches for size overflows problems (CVE-2008-4225, CVE-2008-4226) - Resolves: rhbz#470474 - Patch to fix an entity name copy buffer overflow (CVE-2008-3529) - Resolves: rhbz#461023 - Better fix for (CVE-2008-3281) - Resolves: rhbz#458095 - change the patch for CVE-2008-3281 due to ABI issues - Resolves: rhbz#458095 - Patch to fix recursive entities handling (CVE-2008-3281) - Resolves: rhbz#458095 - Patch to fix UTF-8 decoding problem (CVE-2007-6284) - Resolves: rhbz#425933
    last seen2020-06-01
    modified2020-06-02
    plugin id79462
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79462
    titleOracleVM 2.1 : libxml2 (OVMSA-2009-0018)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_119467.NASL
    descriptionIS 6.3_x86: Sun Java(TM) System Access Manager 6 2005Q1. Date this patch was last updated by Sun : Jun/29/09 This plugin has been deprecated and either replaced with individual 119467 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id25389
    published2007-06-04
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=25389
    titleSolaris 10 (x86) : 119467-17 (deprecated)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_127680.NASL
    descriptionSun Management Center 4.0: Patch for Solaris 8. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id67163
    published2013-07-03
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67163
    titleSolaris 8 (sparc) : 127680-07
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_120955.NASL
    descriptionAM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen2020-06-01
    modified2020-06-02
    plugin id38005
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38005
    titleSolaris 9 (x86) : 120955-12
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-0988.NASL
    descriptionFrom Red Hat Security Advisory 2008:0988 : Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support for reading, modifying, and writing XML and HTML files. An integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225) Red Hat would like to thank Drew Yao of the Apple Product Security team for reporting these issues. Users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id67769
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67769
    titleOracle Linux 3 / 4 / 5 : libxml2 (ELSA-2008-0988)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2008-324-01.NASL
    descriptionNew libxml2 packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix security issues including a denial or service or the possible execution of arbitrary code if untrusted XML is processed.
    last seen2020-06-01
    modified2020-06-02
    plugin id34822
    published2008-11-21
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34822
    titleSlackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / current : libxml2 (SSA:2008-324-01)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_120954.NASL
    descriptionAM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10
    last seen2020-06-01
    modified2020-06-02
    plugin id37271
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37271
    titleSolaris 8 (sparc) : 120954-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_126357.NASL
    descriptionSun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen2018-09-01
    modified2018-08-22
    plugin id30010
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30010
    titleSolaris 5.10 (x86) : 126357-03
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_126356.NASL
    descriptionSun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen2016-09-26
    modified2011-09-18
    plugin id30011
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30011
    titleSolaris 5.8 (sparc) : 126356-03
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-231.NASL
    descriptionDrew Yao of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2
    last seen2020-06-01
    modified2020-06-02
    plugin id36883
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36883
    titleMandriva Linux Security Advisory : libxml2 (MDVSA-2008:231)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_F1E0164EB67B11DDA55E00163E000016.NASL
    descriptionSecunia reports : Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library. 1) An integer overflow error in the
    last seen2020-06-01
    modified2020-06-02
    plugin id34840
    published2008-11-21
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34840
    titleFreeBSD : libxml2 -- multiple vulnerabilities (f1e0164e-b67b-11dd-a55e-00163e000016)
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12301.NASL
    descriptionlibxml2 could run into an endless loop when processing specially crafted XML files. (CVE-2008-4225)
    last seen2020-06-01
    modified2020-06-02
    plugin id41257
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41257
    titleSuSE9 Security Update : libxml2 (YOU Patch Number 12301)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20081117_LIBXML2_ON_SL3_X.NASL
    descriptionAn integer overflow flaw causing a heap-based buffer overflow was found in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-4226) A denial of service flaw was discovered in the libxml2 XML parser. If an application linked against libxml2 processed untrusted, malformed XML content, it could cause the application to enter an infinite loop. (CVE-2008-4225)
    last seen2020-06-01
    modified2020-06-02
    plugin id60496
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60496
    titleScientific Linux Security Update : libxml2 on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_123924-11.NASL
    descriptionSun Management Center 3.6.1_x86: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id107898
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107898
    titleSolaris 10 (x86) : 123924-11
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_123921.NASL
    descriptionSun Management Center 3.6.1: Patch for Solaris 9. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id36354
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36354
    titleSolaris 9 (sparc) : 123921-12
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_123924.NASL
    descriptionSun Management Center 3.6.1_x86: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09 This plugin has been deprecated and either replaced with individual 123924 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id67153
    published2013-07-03
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=67153
    titleSolaris 10 (x86) : 123924-11 (deprecated)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_126356.NASL
    descriptionSun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09
    last seen2016-09-26
    modified2011-09-18
    plugin id30013
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30013
    titleSolaris 5.9 (sparc) : 126356-03
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_120955.NASL
    descriptionAM 7.0_x86: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 This plugin has been deprecated and either replaced with individual 120955 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id38126
    published2009-04-23
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=38126
    titleSolaris 10 (x86) : 120955-12 (deprecated)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_119467.NASL
    descriptionIS 6.3_x86: Sun Java(TM) System Access Manager 6 2005Q1. Date this patch was last updated by Sun : Jun/29/09
    last seen2020-06-01
    modified2020-06-02
    plugin id23612
    published2006-11-06
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23612
    titleSolaris 9 (x86) : 119467-17
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-10038.NASL
    descriptionFixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62272
    published2012-09-24
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62272
    titleFedora 10 : libxml2-2.7.2-2.fc10 (2008-10038)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_X86_126357.NASL
    descriptionSun Java System Access Manager 7.1 Solaris_x86. Date this patch was last updated by Sun : Jun/19/09
    last seen2016-09-26
    modified2011-09-18
    plugin id30012
    published2008-01-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=30012
    titleSolaris 5.8 (x86) : 126357-03
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_123923-12.NASL
    descriptionSun Management Center 3.6.1: Patch for Solaris 10. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id107395
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107395
    titleSolaris 10 (sparc) : 123923-12
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SAFARI4_0.NASL
    descriptionThe version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0. As such, it is potentially affected by numerous issues in the following components : - CFNetwork - libxml - Safari - WebKit
    last seen2020-06-01
    modified2020-06-02
    plugin id39338
    published2009-06-09
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39338
    titleMac OS X : Apple Safari < 4.0
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_123920.NASL
    descriptionSun Management Center 3.6.1: Patch for Solaris 8. Date this patch was last updated by Sun : Nov/25/09
    last seen2020-06-01
    modified2020-06-02
    plugin id37363
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37363
    titleSolaris 8 (sparc) : 123920-12
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-9773.NASL
    descriptionFixes a couple of security issues when overflowing text data size of buffer size. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34834
    published2008-11-21
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34834
    titleFedora 9 : libxml2-2.7.2-2.fc9 (2008-9773)

Oval

  • accepted2013-04-29T04:00:34.886-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
      ovaloval:org.mitre.oval:def:11414
    • commentThe operating system installed on the system is CentOS Linux 5.x
      ovaloval:org.mitre.oval:def:15802
    • commentOracle Linux 5.x
      ovaloval:org.mitre.oval:def:15459
    descriptionInteger overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
    familyunix
    idoval:org.mitre.oval:def:10025
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleInteger overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
    version27
  • accepted2009-03-23T04:00:21.781-04:00
    classvulnerability
    contributors
    namePai Peng
    organizationHewlett-Packard
    definition_extensions
    • commentSolaris 9 (SPARC) is installed
      ovaloval:org.mitre.oval:def:1457
    • commentSolaris 10 (SPARC) is installed
      ovaloval:org.mitre.oval:def:1440
    • commentSolaris 9 (x86) is installed
      ovaloval:org.mitre.oval:def:1683
    • commentSolaris 10 (x86) is installed
      ovaloval:org.mitre.oval:def:1926
    descriptionInteger overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
    familyunix
    idoval:org.mitre.oval:def:6234
    statusaccepted
    submitted2009-02-13T15:56:00.000-05:00
    titleSecurity Vulnerabilities in the libxml2 Library Routines xmlBufferResize() May Lead to Denial of Service (DoS)
    version35
  • accepted2010-05-17T04:00:16.481-04:00
    classvulnerability
    contributors
    • nameMichael Wood
      organizationHewlett-Packard
    • nameMichael Wood
      organizationHewlett-Packard
    • nameJ. Daniel Brown
      organizationDTCC
    definition_extensions
    • commentVMWare ESX Server 3.0.3 is installed
      ovaloval:org.mitre.oval:def:6026
    • commentVMWare ESX Server 3.0.2 is installed
      ovaloval:org.mitre.oval:def:5613
    • commentVMware ESX Server 3.5.0 is installed
      ovaloval:org.mitre.oval:def:5887
    descriptionInteger overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
    familyunix
    idoval:org.mitre.oval:def:6415
    statusaccepted
    submitted2009-09-23T15:39:02.000-04:00
    titleLibxml2 Integer Overflow in xmlBufferResize() Lets Remote Users Deny Service
    version5

Redhat

advisories
rhsa
idRHSA-2008:0988
rpms
  • libxml2-0:2.4.19-12.ent
  • libxml2-0:2.5.10-14
  • libxml2-0:2.6.16-12.6
  • libxml2-0:2.6.26-2.1.2.7
  • libxml2-debuginfo-0:2.5.10-14
  • libxml2-debuginfo-0:2.6.16-12.6
  • libxml2-debuginfo-0:2.6.26-2.1.2.7
  • libxml2-devel-0:2.4.19-12.ent
  • libxml2-devel-0:2.5.10-14
  • libxml2-devel-0:2.6.16-12.6
  • libxml2-devel-0:2.6.26-2.1.2.7
  • libxml2-python-0:2.4.19-12.ent
  • libxml2-python-0:2.5.10-14
  • libxml2-python-0:2.6.16-12.6
  • libxml2-python-0:2.6.26-2.1.2.7

References