Ubuntu Update For Libxml2 USN-1904-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2013-0339) It was discovered that libxml2 incorrectly handled documents that end abruptly. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2013-2877)

Affected

libxml2 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-0339, CVE-2013-2877
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for cmake vulnerabilities USN-890-6
Ubuntu Update for dovecot USN-1143-1
Ubuntu Update for bind9 USN-1139-1
Ubuntu Update for cups, cupsys vulnerabilities USN-952-1
Ubuntu Update for apache2 USN-1259-1

Ubuntu Update for libxml2 USN-1904-1

Take action and discover your vulnerabilities