CVE-2008-1767
CVE-2008-1767
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/31815não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugzilla.gnome.org/show_bug.cgi?id=527297http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.htmlhttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlhttp://secunia.com/advisories/30315http://secunia.com/advisories/30323http://secunia.com/advisories/30393http://secunia.com/advisories/30521http://secunia.com/advisories/30717http://secunia.com/advisories/31074http://secunia.com/advisories/31363http://secunia.com/advisories/32222