CVE-2004-0110
libxml - buffer overflows
EPSS 41.3%
Description
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
How to fix CVE-2004-0110
To remediate CVE-2004-0110, upgrade the affected package to a fixed version below.
- Debian/libxml—upgrade to 1.8.17-2woody1 or later
- Debian/libxml2—upgrade to 2.6.6-1 or later
- Debian/libxml2—upgrade to 2.4.19-4woody1 or later
Is CVE-2004-0110 being exploited?
Moderate — EPSS is 41.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 1.8.17-2woody1
- from 0, < 2.6.6-1
- from 0, < 2.4.19-4woody1