Wind River Support Network

HomeDefectsLIN5-13290
Fixed

LIN5-13290 : Security Advisory - libxml2 - CVE-2013-0338

Created: May 2, 2013    Updated: Dec 19, 2017
Resolved Date: Jul 25, 2013
Previous ID: LIN3-22550
Found In Version: 5.0
Fix Version: 5.0.1.6
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka internal entity expansion with linear complexity.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0338

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online