[libxml2] [CVE-2007-6284] missing input validation
Bug #182810 reported by
disabled.user
This bug report is a duplicate of:
Bug #181985: denial of service bug in UTF-8 handling.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libxml2 (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: libxml2
References:
DSA-1460-1 (http://
MDVSA-2008:010 (http://
Quoting DSA-1460-1:
"Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2,
the GNOME XML library, validate UTF-8 correctness insufficiently, which
may lead to denial of service by forcing libxml2 into an infinite loop."
CVE References
To post a comment you must log in.