CVE-2008-4226
published 2008-11-25
CVE-2008-4226: Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or…
Priority: P3 · 39 · critical · 10 (CVSS 2.0)
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 4.05% (89.4th percentile)
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libxml2 | < libxml2 2.6.32.dfsg-5 (bookworm) | libxml2 2.6.32.dfsg-5 (bookworm) |
| vmware | vmware_esxi | — | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_workstation | — | — |
| xmlsoft | libxml | — | — |
| xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.6.32.dfsg-5 | 2.6.32.dfsg-5 |
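CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| osv | | 10.0 | CRITICAL | |
| vendor_debian | | 10.0 | CRITICAL | |
| vendor_redhat | | 10.0 | CRITICAL | |
| vendor_ubuntu | | 7.8 | HIGH | |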
VMware
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
vendor_vmware·2009-01-30·CVSS 4.7
CVE-2008-4225 [MEDIUM] ESX patches address an issue loading corrupt virtual disks and update Service Console packages
VMSA-2009-0001: ESX patches address an issue loading corrupt virtual disks and update Service Console packages
a. Loading a corrupt delta disk may cause ESX to crash
If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. A corrupt VMDK delta disk, or virtual machine would have to be loaded by an administrator.
VMware would like to thank Craig Marshall for reporting this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-4914 to this issue.
The following table lists what action remediates the vulnerability (column 4) if a solution
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2008-11-19·CVSS 7.8
CVE-2008-4225 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: libxml2 vulnerabilities
Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. (CVE-2008-4225)
Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service. (CVE-2008-4226)
Instructions: After a standard system upgrade you need to restart your sessions to effect the necessary changes.
Red Hat
libxml2: integer overflow leading to memory corruption in xmlSAX2Characters
vendor_redhat·2008-11-17·CVSS 10.0
CVE-2008-4226 [CRITICAL] CWE-190 libxml2: integer overflow leading to memory corruption in xmlSAX2Characters
libxml2: integer overflow leading to memory corruption in xmlSAX2Characters
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Debian
CVE-2008-4226: libxml2 - Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows conte...
vendor_debian·2008·CVSS 10.0
CVE-2008-4226 [CRITICAL] CVE-2008-4226: libxml2 - Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows conte...
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Scope: local
bookworm: resolved (fixed in 2.6.32.dfsg-5)
bullseye: resolved (fixed in 2.6.32.dfsg-5)
forky: resolved (fixed in 2.6.32.dfsg-5)
sid: resolved (fixed in 2.6.32.dfsg-5)
trixie: resolved (fixed in 2.6.32.dfsg-5)
GHSA
GHSA-xc47-x3wf-rv79: Integer overflow in the xmlSAX2Characters function in libxml2 2
ghsa_unreviewed·2022-05-02
CVE-2008-4226 [HIGH] GHSA-xc47-x3wf-rv79: Integer overflow in the xmlSAX2Characters function in libxml2 2
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
OSV
CVE-2008-4226: Integer overflow in the xmlSAX2Characters function in libxml2 2
osv·2008-11-25·CVSS 10.0
CVE-2008-4226 [CRITICAL] CVE-2008-4226: Integer overflow in the xmlSAX2Characters function in libxml2 2
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
No detection rules found.
No public exploits indexed.
Published: 2008-11-25