Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61816
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0988
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0988.

libxml2 is a library for parsing and manipulating XML files. It includes
support for reading, modifying, and writing XML and HTML files.

An integer overflow flaw causing a heap-based buffer overflow was found in
the libxml2 XML parser. If an application linked against libxml2 processed
untrusted, malformed XML content, it could cause the application to crash
or, possibly, execute arbitrary code. (CVE-2008-4226)

A denial of service flaw was discovered in the libxml2 XML parser. If an
application linked against libxml2 processed untrusted, malformed XML
content, it could cause the application to enter an infinite loop.
(CVE-2008-4225)

Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting these issues.

Users of libxml2 are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0988.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4225
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
BugTraq ID: 32331
http://www.securityfocus.com/bid/32331
Debian Security Information: DSA-1666 (Google Search)
http://www.debian.org/security/2008/dsa-1666
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00472.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00513.html
http://security.gentoo.org/glsa/glsa-200812-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:231
http://www.osvdb.org/49992
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6415
http://www.redhat.com/support/errata/RHSA-2008-0988.html
http://securitytracker.com/id?1021239
http://secunia.com/advisories/32762
http://secunia.com/advisories/32764
http://secunia.com/advisories/32766
http://secunia.com/advisories/32773
http://secunia.com/advisories/32802
http://secunia.com/advisories/32807
http://secunia.com/advisories/32811
http://secunia.com/advisories/32974
http://secunia.com/advisories/33417
http://secunia.com/advisories/33746
http://secunia.com/advisories/33792
http://secunia.com/advisories/34247
http://secunia.com/advisories/35379
http://secunia.com/advisories/36173
http://secunia.com/advisories/36235
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.473974
http://sunsolve.sun.com/search/document.do?assetkey=1-26-251406-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-261688-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265329-1
http://www.ubuntu.com/usn/usn-673-1
http://www.vupen.com/english/advisories/2008/3176
http://www.vupen.com/english/advisories/2009/0034
http://www.vupen.com/english/advisories/2009/0301
http://www.vupen.com/english/advisories/2009/0323
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1621
Common Vulnerability Exposure (CVE) ID: CVE-2008-4226
BugTraq ID: 32326
http://www.securityfocus.com/bid/32326
HPdes Security Advisory: HPSBMA02492
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
HPdes Security Advisory: SSRT100079
http://www.osvdb.org/49993
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6219
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9888
http://securitytracker.com/id?1021238
http://secunia.com/advisories/32872
SuSE Security Announcement: SUSE-SR:2008:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.