Trend Micro Security

libxslt XSL File Processing Buffer Overflow Vulnerability

2015年7月21日
  危険度: :
  CVE識別番号: CVE-2008-1767

  概要

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1002650
  Trend Micro Deep Security DPI Rule Name: 1002650 - libxslt XSL File Processing Buffer Overflow Vulnerability

  影響を受けるソフトウェア

  • redhat Enterprise Linux Desktop 5
  • redhat Enterprise Linux Desktop Workstation 5
  • redhat desktop 3
  • redhat desktop 4
  • redhat enterprise_linux 2.1
  • redhat enterprise_linux 3
  • redhat enterprise_linux 4
  • redhat enterprise_linux 5
  • redhat linux_advanced_workstation 2.1