CVE-2009-2414

NONECVSS 0.0

0.0

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.

🔗 References (72)

secalert@redhathttp://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
secalert@redhathttp://secunia.com/advisories/35036
secalert@redhathttp://secunia.com/advisories/36207
secalert@redhathttp://secunia.com/advisories/36338
secalert@redhathttp://secunia.com/advisories/36417
secalert@redhathttp://secunia.com/advisories/36631
secalert@redhathttp://secunia.com/advisories/37346
secalert@redhathttp://secunia.com/advisories/37471
secalert@redhathttp://support.apple.com/kb/HT3937
secalert@redhathttp://support.apple.com/kb/HT3949
secalert@redhathttp://support.apple.com/kb/HT4225

Is Your Infrastructure Affected by CVE-2009-2414?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-2414

📅 Published

🔄 Last Modified

🔗 References (72)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-2414?