CVE-2008-4225
published 2008-11-25

high 7.8 CVSS 3.1
AV:N/AC:L/Au:N/C:N/I:N/A:C
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

Affected

9 ranges
Vendor | Product | Version range | Fixed in
debian | libxml2 | < libxml2 2.6.32.dfsg-5 (bookworm) | libxml2 2.6.32.dfsg-5 (bookworm)
vmware | vmware_esxi | |
vmware | vmware_tools | |
vmware | vmware_workstation | |
xmlsoft | libxml | |
xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5
xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5
xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5
xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5

CVSS provenance

nvd | 7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C
osv | 7.8 | HIGH