Ubuntu Update For Libxml2 USN-2389-1 Network Vulnerability

Summary

Check the version of libxml2

Solution

Please Install the Updated Packages.

Insight

It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.

Affected

libxml2 on Ubuntu 14.04 LTS , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Detection

Get the installed version with the help of detect NVT and check if the version is vulnerable or not.

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-October/002707.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3660

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for bzip2 vulnerability USN-986-1
Ubuntu Update for cmake vulnerabilities USN-890-6
Ubuntu Update for apache2 vulnerabilities USN-575-1
Ubuntu Update for clamav vulnerability USN-986-2
Ubuntu Update for clamav USN-1482-2

Ubuntu Update for libxml2 USN-2389-1

Take action and discover your vulnerabilities