Xmlsoft : Security Vulnerabilities, CVEs, Published In 2008 (Overflow)

CVE-2008-4226

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Max CVSS
10.0
EPSS Score
1.86%
Published
2008-11-25
Updated
2017-09-29

CVE-2008-4225

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
Max CVSS
7.8
EPSS Score
1.26%
Published
2008-11-25
Updated
2017-09-29

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Max CVSS
10.0
EPSS Score
94.33%
Published
2008-09-12
Updated
2023-02-13

CVE-2008-2935

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Max CVSS
7.5
EPSS Score
18.03%
Published
2008-08-01
Updated
2018-10-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close