Ubuntu Update For Libxml2 USN-1904-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2013-0339) It was discovered that libxml2 incorrectly handled documents that end abruptly. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2013-2877)

Affected

libxml2 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-0339, CVE-2013-2877

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-1894-1
Ubuntu Update for cpio USN-2456-1
Ubuntu Update for commons-daemon USN-1298-1
Ubuntu Update for curl USN-2058-1
Ubuntu Update for cinder USN-2405-1

Ubuntu Update for libxml2 USN-1904-1

Take action and discover your vulnerabilities