Your submission was sent successfully! Close

CVE-2008-3529

Published: 12 September 2008

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.

Priority

Medium

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
Upstream
Released (2.7.1)