Buffer overflow in pattern.c in libxslt prior to 1.1.24 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat enterprise linux 3.0 |
||
redhat enterprise linux desktop workstation 5 |
||
redhat linux advanced workstation 2.1 |
||
redhat desktop 3 |
||
redhat enterprise linux 4.0 |
||
redhat enterprise linux 2.1 |
||
redhat enterprise linux desktop 4 |
||
redhat enterprise linux desktop 5 |
||
redhat enterprise linux 5.0 |