CVE-2008-4226

Publication date 25 November 2008

Last updated 24 July 2024

Ubuntu priority

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
libxml2	8.10 intrepid	Fixed 2.6.32.dfsg-4ubuntu1.1
	8.04 LTS hardy	Fixed 2.6.31.dfsg-2ubuntu1.3
	7.10 gutsy	Fixed 2.6.30.dfsg-2ubuntu1.4
	6.06 LTS dapper	Fixed 2.6.24.dfsg-1ubuntu1.4

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-673-1
libxml2 vulnerabilities
19 November 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-4226