Severity: : High
  CVE Kennungen: : CVE-2008-1767
  Advisory Date: 21 de июля de 2015

  DESCRIPTION

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1002650
  Trend Micro Deep Security DPI Rule Name: 1002650 - libxslt XSL File Processing Buffer Overflow Vulnerability

  AFFECTED SOFTWARE AND VERSION:

  • redhat Enterprise Linux Desktop 5
  • redhat Enterprise Linux Desktop Workstation 5
  • redhat desktop 3
  • redhat desktop 4
  • redhat enterprise_linux 2.1
  • redhat enterprise_linux 3
  • redhat enterprise_linux 4
  • redhat enterprise_linux 5
  • redhat linux_advanced_workstation 2.1