libxml2 2.6.32 and previous versions does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
xmlsoft libxml2 |
||
apple safari |
||
apple iphone os |
||
fedoraproject fedora 9 |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
debian debian linux 4.0 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux desktop 3.0 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux desktop 4.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux eus 4.7 |
||
redhat enterprise linux server 4.0 |
||
redhat enterprise linux workstation 4.0 |
||
redhat enterprise linux workstation 3.0 |
||
redhat enterprise linux server 3.0 |
||
redhat enterprise linux eus 5.2 |
||
redhat enterprise linux server 2.0 |
||
redhat enterprise linux workstation 2.0 |
||
vmware esx 2.5.4 |
||
vmware esx 3.0.2 |
||
vmware esx 2.5.5 |
||
vmware esx 3.0.3 |
Vulmon