Vulnerability CVE-2007-6284

Vulnerability Name:

CVE-2007-6284 (CCN-39610)

Assigned:

2007-12-10

Published:

2008-01-11

Updated:

2023-02-13

Summary:

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-835

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: BugTraq Mailing List, Fri Mar 28 2008 - 19:32:21 CDT
VMSA-2008-0006 Updated libxml2 service console package

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2007-6284

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2008-0032
Important: libxml2 security update

Source: CCN
Type: SA28444
Libxml2 UTF-8 Parsing Denial of Service Vulnerability

Source: CCN
Type: SA28466
Sun Solaris Libxml2 UTF-8 Parsing Denial of Service

Source: CCN
Type: SA28740
Avaya Products Libxml2 UTF-8 Parsing Denial of Service

Source: CCN
Type: SA30560
VLC Media Player GnuTLS and Libxml2 Vulnerabilities

Source: CCN
Type: SA31074
Apple iPhone / iPod touch Multiple Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: SECTRACK ID: 1019181
Libxml2 UTF-8 Validation Flaw Lets Remote Users Deny Service

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Sun Alert ID: 103201
Security Vulnerability in the libxml2 Library may Lead to a Denial of Service (DoS).

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Sun Alert ID: 201514
Security Vulnerability in the libxml2 Library May Lead to a Denial of Service (DoS)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Apple Web site
About the security content of iPhone v2.0 and iPod touch v2.0

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: ASA-2008-047
Security Vulnerability in the libxml2 Library may Lead to a Denial of Service (DoS). (Sun 103201)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: ASA-2008-050
libxml2 security update (RHSA-2008-0032)

Source: CCN
Type: VideoLAN Web site
Changes between 0.8.6g and 0.8.6h

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: DEBIAN
Type: DSA-1461
libxml2 -- missing input validation

Source: CCN
Type: GLSA-200801-20
libxml2: Denial of Service

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-27248
libxml2 'xmlCurrentChar()' UTF-8 Parsing Remote Denial of Service Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-30186
Apple iPhone and iPod Touch Prior to Version 2.0 Multiple Remote Vulnerabilities

Source: CCN
Type: USN-569-1
libxml2 vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: XMLsoft Web site
Libxml2

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 425927
CVE-2007-6284 libxml2: infinite loop in UTF-8 decoding

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
libxml2-xmlcurrentchar-dos(39610)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SR:2008:002
SUSE Security Summary Report

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20076284	V	CVE-2007-6284	2022-06-30
oval:org.opensuse.security:def:42389	P	Security update for kernel-firmware (Moderate)	2022-05-25
oval:org.opensuse.security:def:42182	P	Security update for gzip (Important)	2022-05-10
oval:org.opensuse.security:def:112928	P	libxml2-2-2.9.12-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31328	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:32225	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:26162	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:31294	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31697	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31696	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32203	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:106383	P	libxml2-2-2.9.12-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31686	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:26134	P	Security update for the Linux Kernel (Important)	2021-09-23
oval:org.opensuse.security:def:26109	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:31254	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:32164	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31667	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:31243	P	Security update for cpio (Important)	2021-08-14
oval:org.opensuse.security:def:26101	P	Security update for php74 (Important)	2021-08-06
oval:org.opensuse.security:def:31242	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32151	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32946	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:32115	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36509	P	libxml2-devel-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42638	P	libxml2-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26070	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36231	P	libxml2-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26057	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:26043	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:32907	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:31162	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31609	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:32064	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32059	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32062	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26211	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:26206	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:31742	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:26122	P	Security update for python-urllib3 (Moderate)	2021-02-03
oval:org.opensuse.security:def:25984	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:32018	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:31088	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:32007	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35608	P	libxml2-2.7.6-0.1.37 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35775	P	libxml2-2.7.6-0.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42015	P	libxml2-2.7.6-0.1.37 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35982	P	libxml2-2.7.6-0.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25781	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31915	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31076	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25529	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26498	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:26608	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25856	P	Security update for gd (Important)	2020-12-01
oval:org.opensuse.security:def:31791	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26946	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25667	P	Security update for u-boot (Important)	2020-12-01
oval:org.opensuse.security:def:26834	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31450	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25789	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25160	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:27507	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25532	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31535	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25877	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32700	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25235	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31443	P	Security update for policycoreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:32517	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25544	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:26688	P	ecryptfs-utils-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25444	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:31852	P	Recommended udpate for SUSE Manager Client Tools (Low)	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:33194	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25736	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:31903	P	Security update for fontconfig (Low)	2020-12-01
oval:org.opensuse.security:def:26776	P	libzip1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26774	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25585	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31957	P	Security update for gdk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27194	P	liblzo2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25874	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32363	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:31896	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26343	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:25955	P	Security update for gstreamer-0_10-plugins-bad (Moderate)	2020-12-01
oval:org.opensuse.security:def:25326	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:31460	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:26357	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:32573	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25780	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31783	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26484	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25401	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:26459	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26573	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25792	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:26308	P	Security update for python modules (Low)	2020-12-01
oval:org.opensuse.security:def:31077	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25610	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:31449	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31830	P	Security update for bind (Critical)	2020-12-01
oval:org.opensuse.security:def:26981	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25159	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25751	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:27472	P	libpng-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31461	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25838	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25171	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:31386	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:32473	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25533	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:26635	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25891	P	Security update for libimobiledevice, usbmuxd (Important)	2020-12-01
oval:org.opensuse.security:def:32739	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25363	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31530	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25608	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31816	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:26737	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26739	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25501	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31908	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26556	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25817	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:32307	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:26790	P	ofed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25902	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:27229	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25325	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:32412	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:32534	P	kde4-kgreeter-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26400	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26004	P	Security update for shotwell (Moderate)	2020-12-01
oval:org.opensuse.security:def:25337	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31552	P	Security update for socat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26410	P	Security update for freexl (Important)	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.mitre.oval:def:17223	P	USN-569-1 -- libxml2 vulnerability	2014-06-30
oval:org.mitre.oval:def:18676	P	DSA-1461-1 libxml2 - denial of service	2014-06-23
oval:org.mitre.oval:def:8180	P	DSA-1461 libxml2 -- missing input validation	2014-06-23
oval:org.mitre.oval:def:22637	P	ELSA-2008:0032: libxml2 security update (Important)	2014-05-26
oval:org.mitre.oval:def:11594	V	The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.	2013-04-29
oval:org.mitre.oval:def:5216	V	Security Vulnerability in the libxml2 Library May Lead to a Denial of Service (DoS)	2008-03-24
oval:com.redhat.rhsa:def:20080032	P	RHSA-2008:0032: libxml2 security update (Important)	2008-01-28
oval:org.debian:def:1461	V	missing input validation	2008-01-13

BACK