Debian DSA-4042-1 : libxml-libxml-perl - security update

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote Debian host is missing a security-related update.

Description :

A use-after-free vulnerability was discovered in XML::LibXML, a Perl
interface to the libxml2 library, allowing an attacker to execute
arbitrary code by controlling the arguments to a replaceChild() call.

See also :

Solution :

Upgrade the libxml-libxml-perl packages.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.0116+dfsg-1+deb8u2.

For the stable distribution (stretch), this problem has been fixed in
version 2.0128+dfsg-1+deb9u1.

Risk factor :

High / CVSS Base Score : 7.5

Family: Debian Local Security Checks

Nessus Plugin ID: 104686 ()

Bugtraq ID:

CVE ID: CVE-2017-10672

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now