Fedora 10 2008-10000

Critical Nessus Plugin ID 37490


The remote host is missing the patch for the advisory FEDORA-2008-10000.


This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations.
In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library.

Update Information:

Fixes a couple of security issues when overflowing text data size of buffer size.


Update the affected package(s) using, for example, 'yum update'.

Plugin Details

Severity: Critical

ID: 37490

File Name: fedora_2008-10000.nasl

Version: $Revision: 1.7 $

Type: local

Agent: unix

Published: 2009/04/23

Modified: 2012/10/01

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Host/RedHat/rpm-list

Reference Information

CVE: CVE-2007-1320, CVE-2008-4225, CVE-2008-4226, CVE-2008-4539, CVE-2008-4989, CVE-2008-5148

CWE: 59