Mandriva Linux Security Advisory : libxml2 (MDVSA-2012:176)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

A vulnerability was found and corrected in libxml2 :

A heap-buffer overflow was found in the way libxml2 decoded certain
XML entitites. A remote attacker could provide a specially crafted XML
file, which once opened in an application linked against libxml would
cause that application to crash, or, potentially, execute arbitrary
code with the privileges of the user running the application
(CVE-2012-5134).

The updated packages have been patched to correct this issue.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 63134 ()

Bugtraq ID:

CVE ID: CVE-2012-5134

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now