CVE-2007-6284
published 2008-01-12CVE-2007-6284: The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid…
medium5CVSS 3.1
AVNACLAuNCNINAP
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libxml2 | < libxml2 2.6.30.dfsg-3.1 (bookworm) | libxml2 2.6.30.dfsg-3.1 (bookworm) |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| redhat | fedora | — | — |
| redhat | fedora | — | — |
| xmlsoft | libxml2 | >= 0 < 2.6.30.dfsg-3.1 | 2.6.30.dfsg-3.1 |
| xmlsoft | libxml2 | >= 0 < 2.6.30.dfsg-3.1 | 2.6.30.dfsg-3.1 |
| xmlsoft | libxml2 | >= 0 < 2.6.30.dfsg-3.1 | 2.6.30.dfsg-3.1 |
| xmlsoft | libxml2 | >= 0 < 2.6.30.dfsg-3.1 | 2.6.30.dfsg-3.1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM