CentOS Update For Libxml2 CESA-2012:1512 Centos5 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.

Affected

libxml2 on CentOS 5

References

http://lists.centos.org/pipermail/centos-announce/2012-November/019018.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5134

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:1528 (samba)
CentOS Update for abrt CESA-2013:0215 centos6
CentOS Update for apr CESA-2011:0844 centos5 x86_64
CentOS Security Advisory CESA-2009:0373 (systemtap)
CentOS Security Advisory CESA-2009:0459 (kernel)

CentOS Update for libxml2 CESA-2012:1512 centos5

Take action and discover your vulnerabilities