Mandriva Update For Libxml2 MDVSA-2011:188 (libxml2) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Multiple vulnerabilities has been discovered and corrected in libxml2 Off-by-one error in libxml allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site CVE-2011-0216). libxml2 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors (CVE-2011-3905). The updated packages have been patched to correct these issues.

Affected

libxml2 on Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVE CVE-2011-0216, CVE-2011-3905
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:151 (dhcp)
Mandrake Security Advisory MDVSA-2009:072 (perl-MDK-Common)
Mandrake Security Advisory MDVSA-2009:096 (printer-drivers)
Mandrake Security Advisory MDVSA-2009:146 (imap)
Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)

Mandriva Update for libxml2 MDVSA-2011:188 (libxml2)

Take action and discover your vulnerabilities