Denial of Service Vulnerability in libxml2 by Software Vendor
CVE-2009-2414

Currently unrated

Key Information:

Vendor

Xmlsoft

Status
Libxml2
Libxml
Vendor
CVE Published:
11 August 2009

What is CVE-2009-2414?

libxml2 versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, 2.6.32, and libxml 1.8.17 exhibit a vulnerability that can be exploited by attackers using specially crafted DTDs to leverage deep recursion in parsing element declarations. This recursion can result in excessive stack consumption, ultimately causing the application to crash. This flaw has been demonstrated using the Codenomicon XML fuzzing framework, highlighting the potential for denial of service attacks in systems reliant on these libraries.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ubuntu.com/usn/USN-815-1
vendor-advisoryx_refsource_UBUNTU
https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/36631
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.