CVE-2008-2935
libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Múltiples desbordamientos de búfer basados en montículo en las funciones rc4 de (1) cifrado (aka exsltCryptoRc4EncryptFunction) y (2) descifrado (aka exsltCryptoRc4DecryptFunction) en crypto.c en libexslt en libxslt 1.1.8 hasta 1.1.24 permite a atacantes dependientes de contexto ejecutar código de su elección a través de un fichero XML que contiene una larga cadena de caracteres como "un argumento en la entrada XSL."
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-06-30 CVE Reserved
- 2008-07-31 CVE Published
- 2008-07-31 First Exploit
- 2024-01-05 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (30)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/32133 | 2008-07-31 | |
http://www.ocert.org/patches/exslt_crypt.patch | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://www.ocert.org/advisories/ocert-2008-009.html | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.8 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.8" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.9 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.9" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.10 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.10" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.11 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.11" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.12 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.12" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.13 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.13" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.14 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.14" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.15 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.15" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.16 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.16" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.17 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.17" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.18 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.18" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.19 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.19" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.20 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.20" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.21 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.21" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.22 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.22" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.23 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.23" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxslt Search vendor "Xmlsoft" for product "Libxslt" | 1.1.24 Search vendor "Xmlsoft" for product "Libxslt" and version "1.1.24" | - |
Affected
|