Mandriva Linux Security Advisory : libxml2 (MDVSA-2011:188)
High Nessus Plugin ID 57320
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been discovered and corrected in libxml2 :
Off-by-one error in libxml allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted website CVE-2011-0216).
libxml2 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors (CVE-2011-3905).
The updated packages have been patched to correct these issues.
SolutionUpdate the affected packages.