Libxml2 URI Parsing Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID:
SA10958
VERIFY ADVISORY:
http://secunia.com/advisories/10958/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Libxml2 2.6.x
DESCRIPTION:
Yuuichi Teranishi has discovered some vulnerabilities in libxml2, which can potentially be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused by boundary errors in nanohttp and nanoftp when parsing overly long URIs. Supplying an overly long URI (about 4096 bytes) causes a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
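The bounds check whose absence produces this class of error, as an added example that is not libxml2's code and not part of the Secunia advisory. The function names and the 4096-byte buffer size are assumptions chosen to match the advisory's "about 4096 bytes" figure.

```c
#include <stddef.h>
#include <string.h>

#define SCAN_BUF_SIZE 4096 /* assumed size, matching the advisory's "about 4096 bytes" */

/* Hypothetical helper: copy the host part of "scheme://host[:port]/path"
 * into out (capacity outsz). Returns the host length, or -1 if the URI is
 * malformed or the host does not fit in the buffer. */
int scan_uri_host(const char *uri, char *out, size_t outsz)
{
    const char *p;
    size_t n = 0;

    if (uri == NULL || out == NULL || outsz == 0)
        return -1;
    p = strstr(uri, "://");
    if (p == NULL)
        return -1;
    p += 3;
    /* Copying until a delimiter with no length test lets the input, not
     * the buffer, decide how many bytes are written. The test below
     * rejects the URI before the write would pass the end of out. */
    while (*p != '\0' && *p != '/' && *p != ':') {
        if (n + 1 >= outsz) { /* keep one byte for the terminator */
            out[0] = '\0';
            return -1;
        }
        out[n++] = *p++;
    }
    out[n] = '\0';
    return n == 0 ? -1 : (int)n;
}

/* Builds a constructed URI whose host is host_len 'a' bytes and scans it. */
int check_with_host_len(size_t host_len)
{
    static char uri[8192];
    char host[SCAN_BUF_SIZE];

    if (host_len + 16 > sizeof uri)
        return -2; /* constructed input would not fit the test buffer */
    memcpy(uri, "http://", 7);
    memset(uri + 7, 'a', host_len);
    memcpy(uri + 7 + host_len, "/x", 3); /* includes the NUL terminator */
    return scan_uri_host(uri, host, sizeof host);
}

int main(void) { return check_with_host_len(5000) == -1 ? 0 : 1; }
```

A host of 4095 bytes fills the buffer exactly and is accepted; 4096 bytes or more is rejected instead of being written past the end.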
SOLUTION:
Update to version 2.6.6 or later.
http://www.xmlsoft.org/downloads.html
PROVIDED AND/OR DISCOVERED BY:
Yuuichi Teranishi
