Launchpad.net

CVE 2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

Related bugs and status

CVE-2008-1767 (Candidate) is related to these bugs:

Bug #235909: [CVE-2008-1767] Buffer overflow in libxslt

		In	Importance	Status
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu)	Low	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Debian)	Unknown	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu Dapper)	Low	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu Feisty)	Low	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu Intrepid)	Low	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu Hardy)	Low	Fix Released
235909	[CVE-2008-1767] Buffer overflow in libxslt	libxslt (Ubuntu Gutsy)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugzilla.gnome....
REDHAT: RHSA-2008:0287
BID: 29312
SECTRACK: 1020071
SECUNIA: 30315
SECUNIA: 30323
DEBIAN: DSA-1589
SECUNIA: 30393
GENTOO: GLSA-200806-02
SECUNIA: 30521
SUSE: SUSE-SR:2008:013
SECUNIA: 30717
APPLE: APPLE-SA-2008-07-11
MANDRIVA: MDVSA-2008:151
SECUNIA: 31074
UBUNTU: USN-633-1
SECUNIA: 31363
APPLE: APPLE-SA-2008-10-09
BID: 31681
CONFIRM: http://support.apple.c...
SECUNIA: 32222
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2008-11-13
VUPEN: ADV-2008-1580
VUPEN: ADV-2008-2094
VUPEN: ADV-2008-2780
SECUNIA: 32706
XF: libxslt-xsl-bo(42560)
OVAL: oval:org.mitre.oval:de...