Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-4494 |
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Published: December 07, 2010; 4:00:09 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2010-4008 |
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. Published: November 16, 2010; 8:00:02 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-3529 |
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Published: September 12, 2008; 12:56:20 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2008-3281 |
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document. Published: August 27, 2008; 4:41:00 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2004-0110 |
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. Published: March 15, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |