FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0110

This CVE name corresponds to:

Entered Topic
2004-02-25 libxml2 stack buffer overflow in URI parsing

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0110 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0110
Phase Modified(20100819)

Description

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

References

Source Reference
CONFIRM http://www.xmlsoft.org/news.html
DEBIAN DSA-455
GENTOO GLSA-200403-01
REDHAT RHSA-2004:090
REDHAT RHSA-2004:091
BUGTRAQ 20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml)
BUGTRAQ 20040306 TSLSA-2004-0010 - libxml2
REDHAT RHSA-2004:650
SUSE SUSE-SR:2005:001
CERT-VN VU#493966
CIAC O-086
BID 9718
OVAL oval:org.mitre.oval:def:11626
SECUNIA 10958
OVAL oval:org.mitre.oval:def:833
OVAL oval:org.mitre.oval:def:875
XF libxml2-nanohttp-bo(15301)
XF libxml2-nanoftp-bo(15302)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.