CVE-2008-4225

Advisory lineage Upstream: 0 Downstream: 5

Downstream

DEBIAN-CVE-2008-4225 DSA-1666-1 OPENSUSE-SU-2024:10192-1 OPENSUSE-SU-2024:10228-1 RHSA-2008:0988

Modified

Published: 25 Nov 2008, 23:00

Last modified:07 Aug 2024, 10:08

Vulnerability Summary

Overall Risk (default)

medium

32/100

CVSS Score

7.8 HIGH

v2.0 (nvd)

EPSS Score

4.92% LOW

5% probability +3.52%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Nov 2008, 23:00

Published

Vulnerability first disclosed

07 Aug 2024, 10:08

Last Modified

Vulnerability information updated

Description

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

CVSS Metrics

v2.0•HIGH•Score: 7.8AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 4.92%• Percentile: 90%

Techniques & Countermeasures

CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

xmlsoft•libxml
2.7.2