Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2008-0649

Опубликовано: 31 июл. 2008
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2008-0649: libxslt security update (MODERATE)

[1.1.17-2.0.1.el5_2.2]

  • Added libxslt-enterprise.patch and replaced doc/redhat.gif in tarball

[1.1.17-2.el5_2.2]

  • fix various problems in libexslt RC4 encryption/decryption functions
  • resolves: rhbz#456232

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

libxslt

1.1.17-2.0.1.el5_2.2

libxslt-devel

1.1.17-2.0.1.el5_2.2

libxslt-python

1.1.17-2.0.1.el5_2.2

Oracle Linux x86_64

libxslt

1.1.17-2.0.1.el5_2.2

libxslt-devel

1.1.17-2.0.1.el5_2.2

libxslt-python

1.1.17-2.0.1.el5_2.2

Oracle Linux i386

libxslt

1.1.17-2.0.1.el5_2.2

libxslt-devel

1.1.17-2.0.1.el5_2.2

libxslt-python

1.1.17-2.0.1.el5_2.2

Связанные CVE

CVE-2008-2935

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2008-2935

ubuntu
почти 17 лет назад

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."

redhat логотип

CVE-2008-2935

redhat
почти 17 лет назад

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."

nvd логотип

CVE-2008-2935

nvd
почти 17 лет назад

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."

debian логотип

CVE-2008-2935

debian
почти 17 лет назад

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka ex ...

github логотип

GHSA-4597-8mcf-pw36

github
около 3 лет назад

Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."