Vulnerability Name: CVE-2004-0989 (CCN-17870) Assigned: 2004-10-25 Published: 2004-10-25 Updated: 2017-10-11 Summary: Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CCNlibxml2 remote buffer overflows (not in xml parsing code though) CVE-2004-0989 CLA-2004:890 Fixes for libxml2 buffer overflow vulnerabilities APPLE-SA-2005-01-25 20041026 libxml2 remote buffer overflows (not in xml parsing code though) libxml2 security update libxml security update Libxml2 Multiple Buffer Overflows 13000 Libxml2 URL Parsing and DNS Resolution Buffer Overflows May Let Remote Users Execute Arbitrary Code 1011941 libxml and libxml2 Buffer Overflow P-029 Updated "libxml" Packages for Versions Prior to 2.6.14 Apple Security Update 2005-001 for Mac OS X DSA-582 libxml -- buffer overflow libxml2: Remotely exploitable buffer overflow GLSA-200411-05 SUSE-SR:2005:001 Libxml 11179 11180 11324 libxml2 FTP URL Processing Overflow libxml2 DNS Reply Overflows libxml2 Proxy FTP URL Processing Overflow RHSA-2004:615 RHSA-2004:650 11526 Libxml2 Multiple Remote Stack Buffer Overflow Vulnerabilities multiple security issues Buffer overflow vulnerabilites exist in libxml Buffer overflow vulnerabilites exist in libxml2 XML library vulnerabilities Libxml2 libxml2-xmlnanoftpscanurl-bo(17870) libxml2-xmlnanoftpscanurl-bo(17870) libxml2-nanoftp-file-bo(17872) libxml2-xmlnanoftpscanproxy-bo(17875) libxml2-nanohttp-file-bo(17876) oval:org.mitre.oval:def:10505 oval:org.mitre.oval:def:1173 samba: remote denial of service SUSE Security Summary Report USN-89-1 Vulnerable Configuration: Configuration 1 :cpe:/a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:* OR cpe:/a:xmlstarlet:command_line_xml_toolkit:0.9.1:*:*:*:*:*:*:* Configuration 2 :cpe:/o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:* OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:* OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Vulnerability Name: CVE-2004-0989 (CCN-17872) Assigned: 2004-10-25 Published: 2004-10-25 Updated: 2004-10-25 Summary: Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Consequences: Gain Access References: Source: CCNlibxml2 remote buffer overflows (not in xml parsing code though) CVE-2004-0989 libxml2 security update libxml security update Libxml2 Multiple Buffer Overflows Libxml2 URL Parsing and DNS Resolution Buffer Overflows May Let Remote Users Execute Arbitrary Code libxml and libxml2 Buffer Overflow Updated "libxml" Packages for Versions Prior to 2.6.14 Apple Security Update 2005-001 for Mac OS X libxml -- buffer overflow libxml2: Remotely exploitable buffer overflow Libxml libxml2 FTP URL Processing Overflow libxml2 DNS Reply Overflows libxml2 Proxy FTP URL Processing Overflow Libxml2 Multiple Remote Stack Buffer Overflow Vulnerabilities multiple security issues Buffer overflow vulnerabilites exist in libxml Buffer overflow vulnerabilites exist in libxml2 XML library vulnerabilities Libxml2 libxml2-nanoftp-file-bo(17872) samba: remote denial of service SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:* AND cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:* Vulnerability Name: CVE-2004-0989 (CCN-17875) Assigned: 2004-10-25 Published: 2004-10-25 Updated: 2004-10-25 Summary: Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Consequences: Gain Access References: Source: CCNlibxml2 remote buffer overflows (not in xml parsing code though) CVE-2004-0989 Fixes for libxml2 buffer overflow vulnerabilities libxml2 security update libxml security update Libxml2 Multiple Buffer Overflows Libxml2 URL Parsing and DNS Resolution Buffer Overflows May Let Remote Users Execute Arbitrary Code libxml and libxml2 Buffer Overflow Updated "libxml" Packages for Versions Prior to 2.6.14 Apple Security Update 2005-001 for Mac OS X libxml -- buffer overflow libxml2: Remotely exploitable buffer overflow Libxml libxml2 FTP URL Processing Overflow libxml2 DNS Reply Overflows libxml2 Proxy FTP URL Processing Overflow Libxml2 Multiple Remote Stack Buffer Overflow Vulnerabilities multiple security issues Buffer overflow vulnerabilites exist in libxml Buffer overflow vulnerabilites exist in libxml2 XML library vulnerabilities Libxml2 libxml2-xmlnanoftpscanproxy-bo(17875) samba: remote denial of service SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:* AND cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:* OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:* Vulnerability Name: CVE-2004-0989 (CCN-17876) Assigned: 2004-10-25 Published: 2004-10-25 Updated: 2004-10-25 Summary: Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Consequences: Gain Access References: Source: CCNlibxml2 remote buffer overflows (not in xml parsing code though) CVE-2004-0989 libxml2 security update libxml security update Libxml2 Multiple Buffer Overflows Libxml2 URL Parsing and DNS Resolution Buffer Overflows May Let Remote Users Execute Arbitrary Code libxml and libxml2 Buffer Overflow Updated "libxml" Packages for Versions Prior to 2.6.14 Apple Security Update 2005-001 for Mac OS X libxml -- buffer overflow libxml2: Remotely exploitable buffer overflow Libxml libxml2 FTP URL Processing Overflow libxml2 DNS Reply Overflows libxml2 Proxy FTP URL Processing Overflow Libxml2 Multiple Remote Stack Buffer Overflow Vulnerabilities multiple security issues Buffer overflow vulnerabilites exist in libxml Buffer overflow vulnerabilites exist in libxml2 XML library vulnerabilities Libxml2 libxml2-nanohttp-file-bo(17876) samba: remote denial of service SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:* OR cpe:/a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:* AND cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:* OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:* OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:* Oval Definitions Definition ID Class Title Last Modified oval:org.opensuse.security:def:20040989 V CVE-2004-0989 2015-11-16 oval:org.mitre.oval:def:10505 V Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. 2013-04-29 oval:org.mitre.oval:def:1173 V Multiple Buffer Overflows in libXML2 2005-08-18 oval:com.redhat.rhsa:def:20040650 P RHSA-2004:650: libxml security update (Moderate) 2005-05-26 oval:com.redhat.rhsa:def:20040615 P RHSA-2004:615: libxml2 security update (Moderate) 2004-11-12 oval:org.debian:def:582 V buffer overflow 2004-11-02
BACK
xmlsoft libxml 1.8.17
xmlsoft libxml2 2.5.11
xmlsoft libxml2 2.6.6
xmlsoft libxml2 2.6.7
xmlsoft libxml2 2.6.8
xmlsoft libxml2 2.6.9
xmlsoft libxml2 2.6.11
xmlsoft libxml2 2.6.12
xmlsoft libxml2 2.6.13
xmlsoft libxml2 2.6.14
xmlstarlet command line xml toolkit 0.9.1
redhat fedora core core_2.0
trustix secure linux 2.0
trustix secure linux 2.1
ubuntu ubuntu linux 4.1
ubuntu ubuntu linux 4.1
xmlsoft libxml2 2.6.12
xmlsoft libxml2 2.6.13
debian debian linux 3.0
openpkg openpkg current
gentoo linux *
mandrakesoft mandrake linux corporate server 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
trustix secure linux 2.0
mandrakesoft mandrake linux 9.2
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
trustix secure linux 2.1
mandrakesoft mandrake linux 10.0
turbolinux turbolinux appliance server 1.0_hosting
suse suse linux 9.1
redhat enterprise linux 3
openpkg openpkg 2.1
suse suse linux 9.2
openpkg openpkg 2.2
mandrakesoft mandrake linux 10.1
novell linux desktop 9
redhat linux advanced workstation 2.1
suse linux enterprise server 9
mandrakesoft mandrake linux 10.1
turbolinux turbolinux home *
turbolinux turbolinux appliance server 1.0_hosting_edition
turbolinux turbolinux appliance server 1.0_workgroup_edition
mandrakesoft mandrake linux 9.2
mandrakesoft mandrake linux 10.0
mandrakesoft mandrake linux corporate server 2.1
xmlsoft libxml2 2.6.12
xmlsoft libxml2 2.6.13
debian debian linux 3.0
openpkg openpkg current
gentoo linux *
mandrakesoft mandrake linux corporate server 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
conectiva linux 9.0
trustix secure linux 2.0
mandrakesoft mandrake linux 9.2
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
trustix secure linux 2.1
mandrakesoft mandrake linux 10.0
turbolinux turbolinux appliance server 1.0_hosting
suse suse linux 9.1
redhat enterprise linux 3
conectiva linux 10
openpkg openpkg 2.1
suse suse linux 9.2
openpkg openpkg 2.2
mandrakesoft mandrake linux 10.1
novell linux desktop 9
redhat linux advanced workstation 2.1
suse linux enterprise server 9
mandrakesoft mandrake linux 10.1
turbolinux turbolinux home *
turbolinux turbolinux appliance server 1.0_hosting_edition
turbolinux turbolinux appliance server 1.0_workgroup_edition
mandrakesoft mandrake linux 9.2
mandrakesoft mandrake linux 10.0
mandrakesoft mandrake linux corporate server 2.1
xmlsoft libxml2 2.6.12
xmlsoft libxml2 2.6.13
debian debian linux 3.0
openpkg openpkg current
gentoo linux *
mandrakesoft mandrake linux corporate server 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
redhat enterprise linux 2.1
trustix secure linux 2.0
mandrakesoft mandrake linux 9.2
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
trustix secure linux 2.1
mandrakesoft mandrake linux 10.0
turbolinux turbolinux appliance server 1.0_hosting
suse suse linux 9.1
redhat enterprise linux 3
openpkg openpkg 2.1
suse suse linux 9.2
openpkg openpkg 2.2
mandrakesoft mandrake linux 10.1
novell linux desktop 9
redhat linux advanced workstation 2.1
suse linux enterprise server 9
mandrakesoft mandrake linux 10.1
turbolinux turbolinux home *
turbolinux turbolinux appliance server 1.0_hosting_edition
turbolinux turbolinux appliance server 1.0_workgroup_edition
mandrakesoft mandrake linux 9.2
mandrakesoft mandrake linux 10.0
mandrakesoft mandrake linux corporate server 2.1
Denotes that component is vulnerable