Vulnerability in Trustix Secure_linux
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a…
EPSS: 0.217 (97.3th percentile) — read the EPSS interpretation.
Affected products
- Trustix Secure_linux — versions 2.0, 2.1
- Xmlsoft Libxml — versions 1.8.17
- Xmlsoft Libxml2 — versions 2.5.11, 2.6.6, 2.6.7
- Xmlstarlet Command_line_xml_toolkit — versions 0.9.1
- Redhat Fedora_core — versions core_2.0
- Ubuntu Ubuntu_linux — versions 4.1
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_APPLE)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (government-resource, x_refsource_CIAC, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)