PT-2008-1094 · Gentoo Linux · Libxml2

Christian Weiske

Published

2008-10-03

Updated

2024-06-15

CVE-2008-4409

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.7.2-r1

Description The issue affects the libxml2 package in Gentoo Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation of the vulnerabilities can be carried out remotely.

Recommendations For versions prior to 2.7.2-r1, update to version 2.7.2-r1 or later to resolve the issue.

Exploit

Fix

XML Entity Expansion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-776

Related Identifiers

BDU:2015-09349

CVE-2008-4409

OPENSUSE-SU-2024:10192-1

OPENSUSE-SU-2024:10228-1

Affected Products

Libxml2

PT-2008-1094 · Gentoo Linux · Libxml2

CVE-2008-4409

Weakness Enumeration

Related Identifiers

Affected Products

References · 55