Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702779
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2779-1 (libxml2 - denial of service)
Summary:Aki Helin of OUSPG discovered many out-of-bounds read issues in libxml2,;the GNOME project's XML parser library, which can lead to denial of;service issues when handling XML documents that end abruptly.
Description:Summary:
Aki Helin of OUSPG discovered many out-of-bounds read issues in libxml2,
the GNOME project's XML parser library, which can lead to denial of
service issues when handling XML documents that end abruptly.

Affected Software/OS:
libxml2 on Debian Linux

Solution:
For the oldstable distribution (squeeze), this problem has been fixed in
version 2.7.8.dfsg-2+squeeze8.

For the stable distribution (wheezy), this problem has been fixed in
version 2.8.0+dfsg1-7+nmu2.

For the testing (jessie) and unstable (sid) distributions, this
problem has been fixed in version 2.9.1+dfsg1-1.

We recommend that you upgrade your libxml2 packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2877
BugTraq ID: 61050
http://www.securityfocus.com/bid/61050
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Debian Security Information: DSA-2724 (Google Search)
http://www.debian.org/security/2013/dsa-2724
Debian Security Information: DSA-2779 (Google Search)
http://www.debian.org/security/2013/dsa-2779
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/54172
http://secunia.com/advisories/55568
SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:1221 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00063.html
SuSE Security Announcement: openSUSE-SU-2013:1246 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00077.html
http://www.ubuntu.com/usn/USN-1904-1
http://www.ubuntu.com/usn/USN-1904-2
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.