Novell Home

CVE-2008-4226

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-4226 at MITRE

Description

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 441368

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
  • libxml2 >= 2.6.7-28.16
sles9-nld.x86-64
sles9-nld.x86
YOU Patch Nr: 12287
Novell Linux Desktop 9 for x86_64
  • libxml2 >= 2.6.7-28.16
  • libxml2-32bit >= 9-200811071633
sles9-nld.x86-64
sles9-nld.x86
YOU Patch Nr: 12287
openSUSE 11.0
  • libxml2-debuginfo >= 2.6.32-11.5
  • libxml2-debugsource >= 2.6.32-11.5
openSUSE 11.0
  • libxml2 >= 2.6.32-11.5
  • libxml2-32bit >= 2.6.32-11.5
  • libxml2-64bit >= 2.6.32-11.5
  • libxml2-devel >= 2.6.32-11.5
  • libxml2-devel-32bit >= 2.6.32-11.5
  • libxml2-devel-64bit >= 2.6.32-11.5
  • libxml2-doc >= 2.6.32-11.5
SUSE CORE 9 for AMD64 and Intel EM64T
  • libxml2 >= 2.6.7-28.21
  • libxml2-devel >= 2.6.7-28.21
Builds
YOU Patch Nr: 12752
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • libxml2 >= 2.6.7-28.16
  • libxml2-devel >= 2.6.7-28.16
core9.ppc
core9.s390
sles9-nlpos.x86
sles9-nld.x86-64
sles9-nld.x86
core9.x86
sles9-oes.x86
core9.s390x
core9.x86-64
core9.ia64
YOU Patch Nr: 12286
Novell Linux Desktop 9 for x86_64
  • libxml2 >= 2.6.7-28.16
  • libxml2-32bit >= 9-200811071633
  • libxml2-devel >= 2.6.7-28.16
core9.ppc
core9.s390
sles9-nlpos.x86
sles9-nld.x86-64
sles9-nld.x86
core9.x86
sles9-oes.x86
core9.s390x
core9.x86-64
core9.ia64
YOU Patch Nr: 12286

© 2014 Novell