Libxml2 UTF-8 Validation Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID: 1019181
SecurityTracker URL: http://securitytracker.com/id?1019181
CVE Reference: CVE-2007-6284
Updated: Jan 11 2008
Original Entry Date: Jan 11 2008
Impact: Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 2.6.31
Description: A vulnerability was reported in Libxml2. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to a target application that parses it with libxml2's UTF-8 decoding routine to cause the library to enter an infinite loop.
The vulnerability resides in the xmlCurrentChar() function, which does not check that its input is well-formed UTF-8; certain multibyte byte combinations cause the library to loop indefinitely and hang. Any application that passes XML from untrusted sources to an affected version is exposed.
Brad Fitzpatrick of Google reported this vulnerability.
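The failure class described above, a decoder that stops making forward progress on malformed multibyte input, is easiest to see beside a decoder that gets it right. The following strict UTF-8 decoder is an added example written for this entry; it is not libxml2 code, does not reproduce xmlCurrentChar(), and does not claim to show the exact byte sequences that triggered the libxml2 loop (the advisory does not list them). The function names (utf8_decode, utf8_scan and the wrappers) and the sample inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Added example, not libxml2 code. Decodes one UTF-8 sequence from s[0..n).
 * Returns the code point, or -1 if the bytes at s are not well-formed UTF-8
 * (bad lead byte, truncated sequence, bad continuation byte, overlong form,
 * surrogate, or above U+10FFFF). *len receives the number of bytes consumed;
 * on error it is always 1, so a caller that advances by *len can never stall
 * on the same bytes, which is the property a decoder loop needs to avoid the
 * hang this advisory describes. */
long utf8_decode(const unsigned char *s, size_t n, size_t *len)
{
    size_t need, i;
    long cp, min;
    unsigned char c;

    if (n == 0) { *len = 0; return -1; }
    c = s[0];
    if (c < 0x80) { *len = 1; return c; }                   /* ASCII */
    if ((c & 0xE0) == 0xC0) { need = 1; cp = c & 0x1F; min = 0x80; }
    else if ((c & 0xF0) == 0xE0) { need = 2; cp = c & 0x0F; min = 0x800; }
    else if ((c & 0xF8) == 0xF0) { need = 3; cp = c & 0x07; min = 0x10000; }
    else { *len = 1; return -1; }           /* lone continuation or 0xF8..0xFF */

    if (n < need + 1) { *len = 1; return -1; }              /* truncated */
    for (i = 1; i <= need; i++) {
        if ((s[i] & 0xC0) != 0x80) { *len = 1; return -1; } /* bad continuation */
        cp = (cp << 6) | (s[i] & 0x3F);
    }
    if (cp < min) { *len = 1; return -1; }                  /* overlong form */
    if (cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) { *len = 1; return -1; }
    *len = need + 1;
    return cp;
}

/* Walks a buffer, counting well-formed code points (returned) and rejected
 * bytes (*bad). Terminates for any input: every iteration advances by >= 1. */
size_t utf8_scan(const unsigned char *s, size_t n, size_t *bad)
{
    size_t i = 0, good = 0, len;
    *bad = 0;
    while (i < n) {
        if (utf8_decode(s + i, n - i, &len) < 0) (*bad)++; else good++;
        i += len;
    }
    return good;
}

/* Wrappers taking plain C strings with explicit lengths (embedded NULs and
 * high bytes are fine), for callers that only want a single number. */
size_t utf8_valid_count(const char *s, size_t n)
{ size_t bad; return utf8_scan((const unsigned char *)s, n, &bad); }
size_t utf8_invalid_count(const char *s, size_t n)
{ size_t bad; utf8_scan((const unsigned char *)s, n, &bad); return bad; }
long utf8_first_cp(const char *s, size_t n)
{ size_t len; return utf8_decode((const unsigned char *)s, n, &len); }
size_t utf8_first_len(const char *s, size_t n)
{ size_t len; utf8_decode((const unsigned char *)s, n, &len); return len; }

int main(void)
{
    /* Constructed samples: valid text plus the malformed shapes a strict
     * decoder must reject while still advancing past them. */
    struct { const char *label; const char *bytes; size_t n; } samples[] = {
        { "ascii + e-acute",         "h\xC3\xA9",           3 },
        { "euro sign between ascii", "a\xE2\x82\xAC" "z",   5 },
        { "4-byte emoji",            "\xF0\x9F\x98\x80",    4 },
        { "truncated 2-byte lead",   "\xC3",                1 },
        { "overlong NUL C0 80",      "\xC0\x80",            2 },
        { "surrogate D800",          "\xED\xA0\x80",        3 },
        { "lone continuation byte",  "\x80",                1 },
    };
    size_t k;
    for (k = 0; k < sizeof samples / sizeof samples[0]; k++) {
        size_t bad, good = utf8_scan((const unsigned char *)samples[k].bytes,
                                     samples[k].n, &bad);
        printf("%-26s valid=%zu rejected=%zu\n", samples[k].label, good, bad);
    }
    return 0;
}
```

Build with `cc -Wall -o utf8check utf8check.c` and run it; each malformed sample is reported as rejected bytes rather than hanging the scan. To confirm which libxml2 an application is linked against, `xml2-config --version` prints the installed version, and code can test the LIBXML_VERSION macro from libxml/xmlversion.h (20631 or greater corresponds to the fixed 2.6.31).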
Impact: A remote user can cause the target application to enter an infinite loop and consume excessive CPU resources on the target system.
Solution: The vendor has issued a fixed version (2.6.31).
Vendor URL: www.xmlsoft.org/
Cause: Input validation error, State error
Underlying OS: Linux (Any), UNIX (Any)
Message History:
This archive entry has one or more follow-up message(s) listed below.
Source Message Contents
Date: Fri, 11 Jan 2008 08:17:12 -0500
Subject: libxml
Red Hat Bugzilla says:
There exists a denial of service problem in libxml's UTF-8
decoding functions. The xmlCurrentChar() function does not check
UTF-8 correctness and certain multibyte combinations can cause
the library to enter an infinite loop and hang, consuming
system resources. It is strongly recommended to upgrade if
your application accepts arbitrary xml user input.
Provided by:
The issue was originally discovered at Google by Brad Fitzpatrick
and further investigated by Peter Valchev and Will Drewry.
Patch and debugging by Daniel Veillard (libxml).