Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-019: libxml2 Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-019: libxml2 Vulnerability
# 1  
Old 11-13-2008
T-019: libxml2 Vulnerability
It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file. The risk is MEDIUM. Coercing a user to open a specially crafted XML file, could allow an intruder to run arbitrary code with the permissions of the user.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Which version of libxml2?

What method do you use to find out what version of libxml2 one uses on Linux? I have tried the following: $ libxml2 -v libxml2: command not found $ libxml2 --version libxml2: command not found $ which libxml2 $ There is however a /usr/lib/libxml2.so.2.7.5. (1 Reply)
Discussion started by: figaro
1 Replies

2. Programming

libxml2 documentation

i need to read/write a xml file in c i found libxml2, but the documentation is awfull, im using google but i get most of vb, or c# results can anyone point me to a introduction tutorial? actually, any kind of documentation would be ok (just not the oficial The XML C parser and toolkit... (2 Replies)
Discussion started by: broli
2 Replies

3. Ubuntu

libxml2-dev

Hi again, I use Ubuntu 8.10. I could not install xml-config. Although libxml2-dev is installed, ./configure cannot find xml-config. Help me out please... apprentice (7 Replies)
Discussion started by: apprentice
7 Replies

4. UNIX for Advanced & Expert Users

find: 0652-019 The status on /interfaces/eu3/hmsl/EBS/20070722 is not valid.

I am getting this error when i issue find command. Any advice. Regards, Vishal (0 Replies)
Discussion started by: vishal_ranjan
0 Replies

5. Programming

libxml2

hi all is libxml2 version dependent? can you please explain about it. thank you in advance (2 Replies)
Discussion started by: munna_dude
2 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

xml::libxml::sax

XML::LibXML::SAX(3)					User Contributed Perl Documentation				       XML::LibXML::SAX(3)

NAME

       XML::LibXML::SAX - XML::LibXML direct SAX parser

DESCRIPTION

       XML::LibXML provides an interface to libxml2 direct SAX interface. Through this interface it is possible to generate SAX events directly
       while parsing a document. While using the SAX parser XML::LibXML will not create a DOM Document tree.

       Such an interface is useful if very large XML documents have to be processed and no DOM functions are required. By using this interface it
       is possible to read data stored within a XML document directly into the application data structures without loading the document into
       memory.

       The SAX interface of XML::LibXML is based on the famous XML::SAX interface. It uses the generic interface as provided by XML::SAX::Base.

       Additionally to the generic functions, which are only able to process entire documents, XML::LibXML::SAX provides parse_chunk(). This
       method generates SAX events from well balanced data such as is often provided by databases.

       NOTE: At the moment XML::LibXML provides only an incomplete interface to libxml2's native SAX implementation. The current implementation is
       not tested in production environment. It may causes significant memory problems or shows wrong behaviour. If you run into specific problems
       using this part of XML::LibXML, let me know.

AUTHORS

       Matt Sergeant, Christian Glahn, Petr Pajas

VERSION

       1.70

COPYRIGHT

       2001-2007, AxKit.com Ltd.

       2002-2006, Christian Glahn.

       2006-2009, Petr Pajas.

perl v5.12.1							    2009-10-07						       XML::LibXML::SAX(3)