Rapid7 Vulnerability & Exploit Database

RHSA-2008:0032: libxml2 security update

Back to Search

RHSA-2008:0032: libxml2 security update

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
01/11/2008
Created
07/25/2018
Added
03/10/2008
Modified
07/04/2017

Description

Updated libxml2 packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and write XML and HTML files. A denial of service flaw was found in the way libxml2 processes certain content. If an application linked against libxml2 processes malformed XML content, it could cause the application to stop responding. (CVE-2007-6284) Red Hat would like to thank the Google Security Team for responsibly disclosing this issue. All users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

Solution(s)

  • redhat-upgrade-libxml2
  • redhat-upgrade-libxml2-devel
  • redhat-upgrade-libxml2-python

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;