CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2008-3281 – libxml2 denial of service
https://notcve.org/view.php?id=CVE-2008-3281
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document. libxml2 2.6.32 y anteriores, no detecta correctamente la recursividad durante la expansión de una entidad en un valor de un atributo; esto permite a atacantes dependientes del contexto provocar una denegación de servicio (consumo de la memoria y la CPU) mediante un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://lists.vmware.com/pipermail/security-announce/2008/000039.html http://mail.gnome.org/archives/xml/2008-August/msg00034.html http://secunia.com/advisories/31558 http://secunia.com/advisories/31566 http://secunia.com/advisories/31590 http://secunia.com/advisories/3172 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.5EPSS: 18%CPEs: 17EXPL: 2CVE-2008-2935 – libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2935
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input." Múltiples desbordamientos de búfer basados en montículo en las funciones rc4 de (1) cifrado (aka exsltCryptoRc4EncryptFunction) y (2) descifrado (aka exsltCryptoRc4DecryptFunction) en crypto.c en libexslt en libxslt 1.1.8 hasta 1.1.24 permite a atacantes dependientes de contexto ejecutar código de su elección a través de un fichero XML que contiene una larga cadena de caracteres como "un argumento en la entrada XSL." • https://www.exploit-db.com/exploits/32133 http://secunia.com/advisories/31230 http://secunia.com/advisories/31310 http://secunia.com/advisories/31331 http://secunia.com/advisories/31363 http://secunia.com/advisories/31395 http://secunia.com/advisories/31399 http://secunia.com/advisories/32453 http://security.gentoo.org/glsa/glsa-200808-06.xml http://securityreason.com/securityalert/4078 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306 http://www.debian.org/security/20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 16EXPL: 2CVE-2004-0989 – Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. • https://www.exploit-db.com/exploits/24704 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000890 http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://marc.info/?l=bugtraq&m=109880813013482&w=2 http://secunia.com/advisories/13000 http://securitytracker.com/id?1011941 http://www.ciac.org/ciac/bulletins/p-029.shtml http://www.debian.org/security/2004/dsa-582 http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml http://www&# •
CVSS: 7.5EPSS: 67%CPEs: 14EXPL: 1CVE-2004-0110 – libxml 2.6.12 nanoftp - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0110
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. Desbordamiento de búfer en los módulos (1) nanohttp o (2) nanoftp en XMLSoft Libxml2 2.6.0 a 2.6.5 permite a atacantes remotos ejecutar código arbitrario mediante una URL larga. • https://www.exploit-db.com/exploits/601 http://marc.info/?l=bugtraq&m=107851606605420&w=2 http://marc.info/?l=bugtraq&m=107860178228804&w=2 http://rhn.redhat.com/errata/RHSA-2004-090.html http://secunia.com/advisories/10958 http://security.gentoo.org/glsa/glsa-200403-01.xml http://www.ciac.org/ciac/bulletins/o-086.shtml http://www.debian.org/security/2004/dsa-455 http://www.kb.cert.org/vuls/id/493966 http://www.novell.com/linux/security/advisories&#x •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1564 – libxml2: billion laughs DoS attack
https://notcve.org/view.php?id=CVE-2003-1564
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack." • http://mail.gnome.org/archives/xml/2008-August/msg00034.html http://secunia.com/advisories/31868 http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2 http://www.redhat.com/support/errata/RHSA-2008-0886.html http://www.stylusstudio.com/xmldev/200302/post20020.html http://xmlsoft.org/news.html https://access.redhat.com/security/cve/CVE-2003-1564 https://bugzilla.redhat.com/show_bug.cgi?id=461107 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •