CVE-2008-4225
libxml2 - several vulnerabilities
EPSS 4.9%
Description
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
How to fix CVE-2008-4225
To remediate CVE-2008-4225, upgrade the affected package to a fixed version below.
- Debian/libxml2—upgrade to 2.6.32.dfsg-5 or later
- Debian/libxml2—upgrade to 2.6.27.dfsg-6 or later
Is CVE-2008-4225 being exploited?
Low — EPSS is 4.9%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.6.32.dfsg-5
- from 0, < 2.6.27.dfsg-6