CVE-2008-4225

2008-11-26 00:30:00 2017-09-29 03:32:03

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Xmlsoft Libxml 2.7.2 (not an official CPE)

Xmlsoft - Libxml

Advisory	Patch	Confirmed	Link
			FEDORA-2008-9773
			FEDORA-2008-9729
			https://bugzilla.redhat.com/show_bug.cgi?id=470480
			https://admin.fedoraproject.org/updates/libxml2-2.7.2-2....
			https://admin.fedoraproject.org/updates/libxml2-2.7.2-2....
			ADV-2009-1621
			ADV-2009-1522
			ADV-2009-0301
			ADV-2009-0323
			ADV-2009-0034
			ADV-2008-3176
			http://www.vmware.com/security/advisories/VMSA-2009-0001...
			32331
			USN-673-1
			RHSA-2008:0988
			MDVSA-2008:231
			DSA-1666
			http://wiki.rpath.com/Advisories:rPSA-2008-0325
			http://support.avaya.com/elmodocs2/security/ASA-2009-067...
			http://support.apple.com/kb/HT3639
			http://support.avaya.com/elmodocs2/security/ASA-2009-002...
			http://support.apple.com/kb/HT3613
			265329
			261688
			251406
			http://sunsolve.sun.com/search/document.do?assetkey=1-21...
			http://sunsolve.sun.com/search/document.do?assetkey=1-21...
			SSA:2008-324-01
			1021239
			GLSA-200812-06
			APPLE-SA-2009-06-17-1
			APPLE-SA-2009-06-08-1

CVE-2008-4225

2008-11-26 00:30:00 2017-09-29 03:32:03

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)