Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:28201
HistoryJun 24, 2012 - 12:00 a.m.

[ MDVSA-2012:098 ] libxml2

2012-06-2400:00:00
vulners.com
36
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2012:098
http://www.mandriva.com/security/

Package : libxml2
Date : June 21, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0

Problem Description:

A vulnerability has been discovered and corrected in libxml2:

An Off-by-one error in libxml2 allows remote attackers to cause a
denial of service (out-of-bounds write) or possibly have unspecified
other impact via unknown vectors (CVE-2011-3102).

The updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102

Updated Packages:

Mandriva Linux 2010.1:
c0461d223d25e8a2857c64953b2b4bbb 2010.1/i586/libxml2_2-2.7.7-1.8mdv2010.2.i586.rpm
7706b1ef1bf98997275d907f00115d40 2010.1/i586/libxml2-devel-2.7.7-1.8mdv2010.2.i586.rpm
ac3a4580937dfc0bea6a8b5a4440d3d7 2010.1/i586/libxml2-python-2.7.7-1.8mdv2010.2.i586.rpm
2543421fd9a764712956d9ec7cc29735 2010.1/i586/libxml2-utils-2.7.7-1.8mdv2010.2.i586.rpm
7b5cc8f7d4307694f994b4841298001a 2010.1/SRPMS/libxml2-2.7.7-1.8mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
be969eb2120f0ce934b4a3e439eeef9e 2010.1/x86_64/lib64xml2_2-2.7.7-1.8mdv2010.2.x86_64.rpm
b157a2a25300a94f43d9519f65b34fc5 2010.1/x86_64/lib64xml2-devel-2.7.7-1.8mdv2010.2.x86_64.rpm
c3e4d81eb93b56c97c3fc4a4de9898d1 2010.1/x86_64/libxml2-python-2.7.7-1.8mdv2010.2.x86_64.rpm
34ccac69c45a74aca6dc3b5ddbca3897 2010.1/x86_64/libxml2-utils-2.7.7-1.8mdv2010.2.x86_64.rpm
7b5cc8f7d4307694f994b4841298001a 2010.1/SRPMS/libxml2-2.7.7-1.8mdv2010.2.src.rpm

Mandriva Linux 2011:
fa3e1afaa06313e8e637e0e1bd8dc034 2011/i586/libxml2_2-2.7.8-6.6-mdv2011.0.i586.rpm
f9bf3505ce7dfdc2ea26bb5a3ead5a2b 2011/i586/libxml2-devel-2.7.8-6.6-mdv2011.0.i586.rpm
793a7f2e79156fd24256720972e00ae4 2011/i586/libxml2-python-2.7.8-6.6-mdv2011.0.i586.rpm
629e9ce8da67bd42d0b75c7a1d971598 2011/i586/libxml2-utils-2.7.8-6.6-mdv2011.0.i586.rpm
26a2ff0552ddc63b67578555c559933a 2011/SRPMS/libxml2-2.7.8-6.6.src.rpm

Mandriva Linux 2011/X86_64:
64f1f52da84a5bac34f4480f2243335d 2011/x86_64/lib64xml2_2-2.7.8-6.6-mdv2011.0.x86_64.rpm
f54abb23118e2a84b7294a94a9de9fec 2011/x86_64/lib64xml2-devel-2.7.8-6.6-mdv2011.0.x86_64.rpm
35f8648d5135a7ad82290658449e4419 2011/x86_64/libxml2-python-2.7.8-6.6-mdv2011.0.x86_64.rpm
f1b999261ab2ddbc75e39edf574682e0 2011/x86_64/libxml2-utils-2.7.8-6.6-mdv2011.0.x86_64.rpm
26a2ff0552ddc63b67578555c559933a 2011/SRPMS/libxml2-2.7.8-6.6.src.rpm

Mandriva Enterprise Server 5:
e8f78cba230875f00cc66e38a5d073ab mes5/i586/libxml2_2-2.7.1-1.12mdvmes5.2.i586.rpm
8a05a37e788390d5bdf7c7d06bdb3d45 mes5/i586/libxml2-devel-2.7.1-1.12mdvmes5.2.i586.rpm
85aa790648a830200b25cd7d3c560f9b mes5/i586/libxml2-python-2.7.1-1.12mdvmes5.2.i586.rpm
dd17b0e4dfad86cf598c8296053f70e1 mes5/i586/libxml2-utils-2.7.1-1.12mdvmes5.2.i586.rpm
5095525663e34a9c6e7b8bdae763be58 mes5/SRPMS/libxml2-2.7.1-1.12mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
7dc33151c191a90e7b5a7b26ee3e6335 mes5/x86_64/lib64xml2_2-2.7.1-1.12mdvmes5.2.x86_64.rpm
efd29140bba4ca35237798f6f14b3ac1 mes5/x86_64/lib64xml2-devel-2.7.1-1.12mdvmes5.2.x86_64.rpm
8d081103c58c000c3f7803911ce122a0 mes5/x86_64/libxml2-python-2.7.1-1.12mdvmes5.2.x86_64.rpm
6efed51b1b6a05f7fa2f864d17b12bc5 mes5/x86_64/libxml2-utils-2.7.1-1.12mdvmes5.2.x86_64.rpm
5095525663e34a9c6e7b8bdae763be58 mes5/SRPMS/libxml2-2.7.1-1.12mdvmes5.2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFP4tCUmqjQ0CJFipgRAo9rAKC4sIZw21Mn38SOsU0jPtmiXCSm4QCeJFz8
+WSFZ3W+HdBn8JaKKGRLGAc=
=dP6J
-----END PGP SIGNATURE-----

Related

nessus 35
veracode 1
openvas 39
debian 1
securityvulns 7
cve 1
ubuntucve 1
prion 1
ubuntu 1
debiancve 1
gentoo 1
redhat 4
freebsd 1
amazon 1
centos 2
oraclelinux 3
suse 3
fedora 2
vmware 2
threatpost 1
chrome 1
nessus
nessus
openSUSE Security Update : libxml2 (openSUSE-SU-2012:0731-1)
2014-06-13 00:00:00
GLSA-201207-02 : libxml2: User-assisted execution of arbitrary code
2012-07-10 00:00:00
Mandriva Linux Security Advisory : libxml2 (MDVSA-2012:098)
2012-06-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:55
openvas
openvas
Debian Security Advisory DSA 2479-1 (libxml2)
2012-05-31 00:00:00
Ubuntu Update for libxml2 USN-1447-1
2012-05-22 00:00:00
Mandriva Update for libxml2 MDVSA-2012:098 (libxml2)
2012-06-22 00:00:00
debian
debian
[SECURITY] [DSA 2479-1] libxml2 security update
2012-05-23 19:39:41
securityvulns
securityvulns
libxml off-by-one
2012-06-24 00:00:00
APPLE-SA-2014-01-22-1 iTunes 11.1.4
2014-01-29 00:00:00
Apple iTunes multiple security vulnerabilities
2014-01-29 00:00:00
cve
cve
CVE-2011-3102
2012-05-16 00:55:00
ubuntucve
ubuntucve
CVE-2011-3102
2012-05-15 00:00:00
prion
prion
Out-of-bounds
2012-05-16 00:55:00
ubuntu
ubuntu
libxml2 vulnerability
2012-05-21 00:00:00
debiancve
debiancve
CVE-2011-3102
2012-05-16 00:55:00
gentoo
gentoo
libxml2: User-assisted execution of arbitrary code
2012-07-09 00:00:00
redhat
redhat
(RHSA-2012:1288) Moderate: libxml2 security update
2012-09-18 00:00:00
(RHSA-2012:1324) Important: rhev-hypervisor5 security and bug fix update
2012-10-02 00:00:00
(RHSA-2013:0217) Important: mingw32-libxml2 security update
2013-01-31 00:00:00
freebsd
freebsd
libxml2 -- An off-by-one out-of-bounds write by XPointer
2012-05-15 00:00:00
amazon
amazon
Medium: libxml2
2012-10-15 12:20:00
centos
centos
libxml2 security update
2012-09-18 18:22:15
mingw32 security update
2013-02-01 00:53:30
oraclelinux
oraclelinux
libxml2 security update
2013-02-28 00:00:00
libxml2 security update
2012-09-18 00:00:00
mingw32-libxml2 security update
2013-01-31 00:00:00
suse
suse
Security update for libxml2 (important)
2013-11-04 17:04:12
Security update for libxml2 (important)
2013-11-04 18:04:12
update for chromium, v8 (important)
2012-05-29 15:08:29
fedora
fedora
[SECURITY] Fedora 17 Update: libxml2-2.7.8-9.fc17
2012-09-26 08:56:06
[SECURITY] Fedora 16 Update: libxml2-2.7.8-8.fc16
2012-09-27 04:35:19
vmware
vmware
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
threatpost
threatpost
Google Releases Chrome 19, Fixes More Than 20 Bugs
2012-05-15 16:26:53
chrome
chrome
Stable Channel Update
2012-05-15 00:00:00
JSON
Related for SECURITYVULNS:DOC:28201
nessus35veracode1openvas39debian1securityvulns7cve1ubuntucve1prion1ubuntu1debiancve1gentoo1redhat4freebsd1amazon1centos2oraclelinux3suse3fedora2vmware2threatpost1chrome1