Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60682
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0032
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0032.

The libxml2 packages provide a library that allows you to manipulate XML
files. It includes support to read, modify, and write XML and HTML files.

A denial of service flaw was found in the way libxml2 processes certain
content. If an application linked against libxml2 processes malformed XML
content, it could cause the application to stop responding. (CVE-2007-6284)

Red Hat would like to thank the Google Security Team for responsibly
disclosing this issue.

All users are advised to upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0032.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-6284
http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
BugTraq ID: 27248
http://www.securityfocus.com/bid/27248
Bugtraq: 20080115 rPSA-2008-0017-1 libxml2 (Google Search)
http://www.securityfocus.com/archive/1/486410/100/0/threaded
Bugtraq: 20080329 VMSA-2008-0006 Updated libxml2 service console package (Google Search)
http://www.securityfocus.com/archive/1/490306/100/0/threaded
Debian Security Information: DSA-1461 (Google Search)
http://www.debian.org/security/2008/dsa-1461
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html
http://security.gentoo.org/glsa/glsa-200801-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:010
https://bugzilla.redhat.com/show_bug.cgi?id=425927
http://lists.vmware.com/pipermail/security-announce/2008/000009.html
http://mail.gnome.org/archives/xml/2008-January/msg00036.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216
http://www.redhat.com/support/errata/RHSA-2008-0032.html
http://securitytracker.com/id?1019181
http://secunia.com/advisories/28439
http://secunia.com/advisories/28444
http://secunia.com/advisories/28450
http://secunia.com/advisories/28452
http://secunia.com/advisories/28458
http://secunia.com/advisories/28466
http://secunia.com/advisories/28470
http://secunia.com/advisories/28475
http://secunia.com/advisories/28636
http://secunia.com/advisories/28716
http://secunia.com/advisories/28740
http://secunia.com/advisories/29591
http://secunia.com/advisories/31074
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1
SuSE Security Announcement: SUSE-SR:2008:002 (Google Search)
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
https://usn.ubuntu.com/569-1/
http://www.vupen.com/english/advisories/2008/0117
http://www.vupen.com/english/advisories/2008/0144
http://www.vupen.com/english/advisories/2008/1033/references
http://www.vupen.com/english/advisories/2008/2094/references
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.