Ubuntu
libxml2 package

[libxml2] [CVE-2007-6284] missing input validation

Bug #182810 reported by disabled.user on 2008-01-14

This bug report is a duplicate of: Bug #181985: denial of service bug in UTF-8 handling. Edit Remove

254

Affects		Status	Importance	Assigned to	Milestone
	libxml2 (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: libxml2

References:
DSA-1460-1 (http://www.debian.org/security/2008/dsa-1460)
MDVSA-2008:010 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:010)

Quoting DSA-1460-1:
"Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2,
the GNOME XML library, validate UTF-8 correctness insufficiently, which
may lead to denial of service by forcing libxml2 into an infinite loop."

CVE References

2007-6284

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #181985 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulibxml2 package