Back to search
CVE-2008-3529
Published: Sep 12, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-815-1
vendor-advisory
x_refsource_UBUNTU
USN-644-1
vendor-advisory
x_refsource_UBUNTU
http://support.avaya.com/elmodocs2/security/ASA-2008-400.htm
x_refsource_CONFIRM
http://support.apple.com/kb/HT3639
x_refsource_CONFIRM
31860
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141243-01-1
x_refsource_CONFIRM
32280
third-party-advisory
x_refsource_SECUNIA
31855
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1621
vdb-entry
x_refsource_VUPEN
libxml2-entitynames-bo(45085)
vdb-entry
x_refsource_XF
http://support.apple.com/kb/HT3549
x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-21-126356-03-1
x_refsource_CONFIRM
32807
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2009-06-08-1
vendor-advisory
x_refsource_APPLE
31982
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=461015
x_refsource_CONFIRM
31868
third-party-advisory
x_refsource_SECUNIA
DSA-1654
vendor-advisory
x_refsource_DEBIAN
http://xmlsoft.org/news.html
x_refsource_MISC
oval:org.mitre.oval:def:6103
vdb-entry
signature
x_refsource_OVAL
ADV-2009-1298
vdb-entry
x_refsource_VUPEN
35074
third-party-advisory
x_refsource_SECUNIA
8798
exploit
x_refsource_EXPLOIT-DB
36173
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0884
vendor-advisory
x_refsource_REDHAT
ADV-2009-1522
vdb-entry
x_refsource_VUPEN
1020855
vdb-entry
x_refsource_SECTRACK
32265
third-party-advisory
x_refsource_SECUNIA
GLSA-200812-06
vendor-advisory
x_refsource_GENTOO
APPLE-SA-2009-06-17-1
vendor-advisory
x_refsource_APPLE
33715
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:018
vendor-advisory
x_refsource_SUSE
35056
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2008-0325
x_refsource_CONFIRM
247346
vendor-advisory
x_refsource_SUNALERT
APPLE-SA-2009-05-12
vendor-advisory
x_refsource_APPLE
31126
vdb-entry
x_refsource_BID
http://support.avaya.com/elmodocs2/security/ASA-2009-025.htm
x_refsource_CONFIRM
35379
third-party-advisory
x_refsource_SECUNIA
33722
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:192
vendor-advisory
x_refsource_MANDRIVA
32974
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11760
vdb-entry
signature
x_refsource_OVAL
36235
third-party-advisory
x_refsource_SECUNIA
TA09-133A
third-party-advisory
x_refsource_CERT
265329
vendor-advisory
x_refsource_SUNALERT
ADV-2009-1297
vdb-entry
x_refsource_VUPEN
http://support.apple.com/kb/HT3550
x_refsource_CONFIRM
261688
vendor-advisory
x_refsource_SUNALERT
31558
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT3613
x_refsource_CONFIRM
ADV-2008-2822
vdb-entry
x_refsource_VUPEN
RHSA-2008:0886
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now