Vulnerability in Mandrakesoft Mandrake_linux
CVE-2007-6284
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
EPSS: 0.026 (83.1th percentile) — read the EPSS interpretation.
Affected products
- Mandrakesoft Mandrake_linux — versions 2007, 2007.1, 2008.0
- Mandrakesoft Mandrake_linux_corporate_server — versions 3.0, 4.0
- Debian Debian_linux — versions 3.1, 4.0
- Redhat Fedora — versions 7, 8
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
- secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
- secalert@redhat.com (vendor-advisory, x_refsource_SUNALERT)
- secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (vendor-advisory, x_refsource_SUSE)
- secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ)
- secalert@redhat.com (signature, x_refsource_OVAL, vdb-entry)