CVE-2008-1767
CVE-2008-1767
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/31815no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://bugzilla.gnome.org/show_bug.cgi?id=527297http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.htmlhttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlhttp://secunia.com/advisories/30315http://secunia.com/advisories/30323http://secunia.com/advisories/30393http://secunia.com/advisories/30521http://secunia.com/advisories/30717http://secunia.com/advisories/31074http://secunia.com/advisories/31363http://secunia.com/advisories/32222