Rapid7 Vulnerability & Exploit Database

RHSA-2008:0836: libxml2 security update

Back to Search

RHSA-2008:0836: libxml2 security update

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
08/27/2008
Created
07/25/2018
Added
09/09/2008
Modified
07/04/2017

Description

The libxml2 packages provide a library that allows you to manipulate XMLfiles. It includes support to read, modify, and write XML and HTML files.A denial of service flaw was found in the way libxml2 processes certaincontent. If an application linked against libxml2 processes malformed XMLcontent, it could cause the application to stop responding. (CVE-2008-3281)Red Hat would like to thank Andreas Solberg for responsibly disclosing thisissue.All users of libxml2 are advised to upgrade to these updated packages,which contain a backported patch to resolve this issue.

Solution(s)

  • redhat-upgrade-libxml2
  • redhat-upgrade-libxml2-devel
  • redhat-upgrade-libxml2-python

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;