oss-sec mailing list archives
libxml2 "ampproblem" DoS
From: Robert Buchholz <rbu () gentoo org>
Date: Thu, 2 Oct 2008 18:41:18 +0200
Hey, I did not look into this issue closely yet, but I can reproduce an OOM situation on libxml2 2.7.1, but not on 2.6.32. The malicious XML file can be found on http://bugzilla.gnome.org/show_bug.cgi?id=554660 I'm not sure if and how this is related to CVE-2008-3281. Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- libxml2 "ampproblem" DoS Robert Buchholz (Oct 02)
- Re: libxml2 "ampproblem" DoS Daniel Veillard (Oct 03)
- Re: Re: libxml2 "ampproblem" DoS Robert Buchholz (Oct 03)
- Re: Re: libxml2 "ampproblem" DoS Steven M. Christey (Oct 03)
- Re: Re: libxml2 "ampproblem" DoS Tomas Hoger (Oct 06)
- Re: Re: libxml2 "ampproblem" DoS Robert Buchholz (Oct 06)
- Re: Re: libxml2 "ampproblem" DoS Steven M. Christey (Oct 07)
- Re: libxml2 "ampproblem" DoS Daniel Veillard (Oct 03)