This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been discovered and corrected in
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x
through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a crafted XML file that triggers a heap-based
buffer overflow when adding a new namespace node, related to handling
of XPath expressions (CVE-2011-1944).
The updated packages have been patched to correct this issue.
Packages were misssing for Mandriva Linux 2011 with the MDVSA-2011:131
advisory which are now being provided.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true