Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-019: libxml2 Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-019: libxml2 Vulnerability
# 1  
Old 11-13-2008
T-019: libxml2 Vulnerability
It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file. The risk is MEDIUM. Coercing a user to open a specially crafted XML file, could allow an intruder to run arbitrary code with the permissions of the user.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Which version of libxml2?

What method do you use to find out what version of libxml2 one uses on Linux? I have tried the following: $ libxml2 -v libxml2: command not found $ libxml2 --version libxml2: command not found $ which libxml2 $ There is however a /usr/lib/libxml2.so.2.7.5. (1 Reply)
Discussion started by: figaro
1 Replies

2. Programming

libxml2 documentation

i need to read/write a xml file in c i found libxml2, but the documentation is awfull, im using google but i get most of vb, or c# results can anyone point me to a introduction tutorial? actually, any kind of documentation would be ok (just not the oficial The XML C parser and toolkit... (2 Replies)
Discussion started by: broli
2 Replies

3. Ubuntu

libxml2-dev

Hi again, I use Ubuntu 8.10. I could not install xml-config. Although libxml2-dev is installed, ./configure cannot find xml-config. Help me out please... apprentice (7 Replies)
Discussion started by: apprentice
7 Replies

4. UNIX for Advanced & Expert Users

find: 0652-019 The status on /interfaces/eu3/hmsl/EBS/20070722 is not valid.

I am getting this error when i issue find command. Any advice. Regards, Vishal (0 Replies)
Discussion started by: vishal_ranjan
0 Replies

5. Programming

libxml2

hi all is libxml2 version dependent? can you please explain about it. thank you in advance (2 Replies)
Discussion started by: munna_dude
2 Replies
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

xml::libxml::regexp5.18

XML::LibXML::RegExp(3)					User Contributed Perl Documentation				    XML::LibXML::RegExp(3)

NAME

       XML::LibXML::RegExp - XML::LibXML::RegExp - interface to libxml2 regular expressions

SYNOPSIS

	 use XML::LibXML;
	 my $compiled_re = XML::LibXML::RegExp->new('[0-9]{5}(-[0-9]{4})?');
	 if ($compiled_re->isDeterministic()) { ... }
	 if ($compiled_re->matches($string)) { ... }

	 $compiled_re = XML::LibXML::RegExp->new( $regexp_str );
	 $bool = $compiled_re->matches($string);
	 $bool = $compiled_re->isDeterministic();

DESCRIPTION

       This is a perl interface to libxml2's implementation of regular expressions, which are used e.g. for validation of XML Schema simple types
       (pattern facet).

       new()
	     $compiled_re = XML::LibXML::RegExp->new( $regexp_str );

	   The constructor takes a string containing a regular expression and returns a compiled regexp object.

       matches($string)
	     $bool = $compiled_re->matches($string);

	   Given a string value, returns a true value if the value is matched by the compiled regular expression.

       isDeterministic()
	     $bool = $compiled_re->isDeterministic();

	   Returns a true value if the regular expression is deterministic; returns false otherwise. (See the definition of determinism in the XML
	   spec (<http://www.w3.org/TR/REC-xml/#determinism>))

AUTHORS

       Matt Sergeant, Christian Glahn, Petr Pajas

VERSION

       2.0110

COPYRIGHT

       2001-2007, AxKit.com Ltd.

       2002-2006, Christian Glahn.

       2006-2009, Petr Pajas.

LICENSE

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.18.2							    2014-02-01						    XML::LibXML::RegExp(3)