Xmlsoft : Security Vulnerabilities, CVEs, Published In 2008 (Overflow)
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Max CVSS
10.0
EPSS Score
1.86%
Published
2008-11-25
Updated
2017-09-29
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
Max CVSS
7.8
EPSS Score
1.26%
Published
2008-11-25
Updated
2017-09-29
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Max CVSS
10.0
EPSS Score
94.33%
Published
2008-09-12
Updated
2023-02-13
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Max CVSS
7.5
EPSS Score
18.03%
Published
2008-08-01
Updated
2018-10-11
4 vulnerabilities found