QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-1767

Back to search

CVE-2008-1767

Published: May 23, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

VendorProductVersions

n/a

n/a

affected
n/a

References

MDVSA-2008:151
vendor-advisory
x_refsource_MANDRIVA
APPLE-SA-2008-11-13
vendor-advisory
x_refsource_APPLE
ADV-2008-1580
vdb-entry
x_refsource_VUPEN
1020071
vdb-entry
x_refsource_SECTRACK
31681
vdb-entry
x_refsource_BID
29312
vdb-entry
x_refsource_BID
RHSA-2008:0287
vendor-advisory
x_refsource_REDHAT
30393
third-party-advisory
x_refsource_SECUNIA
30521
third-party-advisory
x_refsource_SECUNIA
31363
third-party-advisory
x_refsource_SECUNIA
DSA-1589
vendor-advisory
x_refsource_DEBIAN
libxslt-xsl-bo(42560)
vdb-entry
x_refsource_XF
30315
third-party-advisory
x_refsource_SECUNIA
32706
third-party-advisory
x_refsource_SECUNIA
USN-633-1
vendor-advisory
x_refsource_UBUNTU
32222
third-party-advisory
x_refsource_SECUNIA
GLSA-200806-02
vendor-advisory
x_refsource_GENTOO
APPLE-SA-2008-07-11
vendor-advisory
x_refsource_APPLE
oval:org.mitre.oval:def:9785
vdb-entry
signature
x_refsource_OVAL
ADV-2008-2094
vdb-entry
x_refsource_VUPEN
ADV-2008-2780
vdb-entry
x_refsource_VUPEN
30323
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-10-09
vendor-advisory
x_refsource_APPLE
31074
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:013
vendor-advisory
x_refsource_SUSE
30717
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now