GLSA-200812-06 : libxml2: Multiple vulnerabilities

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.

Synopsis :

The remote Gentoo host is missing one or more security-related

Description :

The remote host is affected by the vulnerability described in GLSA-200812-06
(libxml2: Multiple vulnerabilities)

Multiple vulnerabilities were reported in libxml2:
Andreas Solberg reported that libxml2 does not properly detect
recursion during entity expansion in an attribute value
A heap-based buffer overflow has been reported in the
xmlParseAttValueComplex() function in parser.c (CVE-2008-3529).
Christian Weiske reported that predefined entity definitions in
entities are not properly handled (CVE-2008-4409).
Drew Yao of Apple Product Security reported an integer overflow in the
xmlBufferResize() function that can lead to an infinite loop
Drew Yao of Apple Product Security reported an integer overflow in the
xmlSAX2Characters() function leading to a memory corruption

Impact :

A remote attacker could entice a user or automated system to open a
specially crafted XML document with an application using libxml2,
possibly resulting in the exeution of arbitrary code or a high CPU and
memory consumption.

Workaround :

There is no known workaround at this time.

See also :

Solution :

All libxml2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-libs/libxml2-2.7.2-r1'

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: Gentoo Local Security Checks

Nessus Plugin ID: 35023 (gentoo_GLSA-200812-06.nasl)

Bugtraq ID: 30783

CVE ID: CVE-2008-3281