What is CVE-2008-1767?

CVE-2008-1767 is a vulnerability in Redhat Desktop, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2008-05-23.

Is CVE-2008-1767 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Redhat Desktop

CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition…

Vulnerability class: Buffer Overflow

EPSS: 0.128 (95.8th percentile) — read the EPSS interpretation.

Affected products

Redhat Desktop — versions 3
Redhat Enterprise_linux — versions 2.1, 3.0, 4.0
Redhat Enterprise_linux_desktop — versions 4, 5
Redhat Enterprise_linux_desktop_workstation — versions 5
Redhat Linux_advanced_workstation — versions 2.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (vendor-advisory, x_refsource_APPLE)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2008-1767?: CVE-2008-1767 is a vulnerability in Redhat Desktop, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2008-05-23.
Is CVE-2008-1767 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.