Vulnerability Description
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xmlsoft | Libxslt | 1.1.8 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31230
- http://secunia.com/advisories/31310
- http://secunia.com/advisories/31331
- http://secunia.com/advisories/31363
- http://secunia.com/advisories/31395
- http://secunia.com/advisories/31399
- http://secunia.com/advisories/32453
- http://security.gentoo.org/glsa/glsa-200808-06.xml
- http://securityreason.com/securityalert/4078
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
- http://www.debian.org/security/2008/dsa-1624
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:160
- http://www.ocert.org/advisories/ocert-2008-009.html (Patch)
- http://www.ocert.org/patches/exslt_crypt.patch (Exploit, Patch)
- http://www.redhat.com/support/errata/RHSA-2008-0649.html
FAQ
What is CVE-2008-2935?
CVE-2008-2935 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1...
How severe is CVE-2008-2935?
CVE-2008-2935 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS score section above for the severity rating.
Is there a patch for CVE-2008-2935?
Check the references section above for vendor advisories and patch information. Affected products include: Xmlsoft Libxslt.