Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2008-2935
Last Modified 07 Mar 2011 10:09:58
Published 01 Aug 2008 10:41:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2935

Summary

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."

Vulnerable Systems

Application

  • Xmlsoft Libxslt 1.1.8
  • Xmlsoft Libxslt 1.1.9
  • Xmlsoft Libxslt 1.1.10
  • Xmlsoft Libxslt 1.1.11
  • Xmlsoft Libxslt 1.1.12
  • Xmlsoft Libxslt 1.1.13
  • Xmlsoft Libxslt 1.1.14
  • Xmlsoft Libxslt 1.1.15
  • Xmlsoft Libxslt 1.1.16
  • Xmlsoft Libxslt 1.1.17
  • Xmlsoft Libxslt 1.1.18
  • Xmlsoft Libxslt 1.1.19
  • Xmlsoft Libxslt 1.1.20
  • Xmlsoft Libxslt 1.1.21
  • Xmlsoft Libxslt 1.1.22
  • Xmlsoft Libxslt 1.1.23
  • Xmlsoft Libxslt 1.1.24


References

MISC - http://www.ocert.org/patches/exslt_crypt.patch
MISC - http://www.ocert.org/advisories/ocert-2008-009.html
FEDORA - FEDORA-2008-7062
FEDORA - FEDORA-2008-7029
XF - libxslt-multiple-crypto-bo(44141)
VUPEN - ADV-2008-2266
UBUNTU - USN-633-1
SECTRACK - 1020596
BID - 30467
BUGTRAQ - 20081027 rPSA-2008-0306-1 libxslt
BUGTRAQ - 20080801 libxslt heap overflow
BUGTRAQ - 20080731 [oCERT-2008-009] libxslt heap overflow
MISC - http://www.scary.beasts.org/security/CESA-2008-003.html
REDHAT - RHSA-2008:0649
MANDRIVA - MDVSA-2008:160
DEBIAN - DSA-1624
CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
SREASON - 4078
GENTOO - GLSA-200808-06
SECUNIA - 32453
SECUNIA - 31399
SECUNIA - 31395
SECUNIA - 31363
SECUNIA - 31331
SECUNIA - 31310
SECUNIA - 31230

Related Patches

Novell SUSE 2008:5457 libxslt security update for SLE 10 i586


Last Updated: 27 May 2016 10:48:02