Detections
Analytics
AIX 7.3 TL 0 : libxml2 (IJ50827)
high Nessus Plugin ID 195312
Language:
Synopsis
The remote AIX host is missing a security patch.Description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062 GNOME libxml2 is vulnerable to a denial of service, caused by a use-after-free flaw in the xmlValidatePopElement() function. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause the application to crash.Solution
Install the appropriate interim fix.See Also
https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory6.asc
Plugin Details
Severity: High
ID: 195312
File Name: aix_IJ50827.nasl
Version: 1.0
Type: local
Family: AIX Local Security Checks
Published: 5/10/2024
Updated: 5/10/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
Vulnerability Information
CPE: cpe:/o:ibm:aix:7.3
Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version
Patch Publication Date: 5/8/2024
Vulnerability Publication Date: 5/8/2024
Reference Information
CVE: CVE-2024-25062