HTTP: GNOME Project libxslt Library RC4 Key String Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the libxslt library. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions. This issue affects libxslt 1.1.8 to 1.1.24.

Affected Products

Pardus linux_2007, Debian linux

References

BugTraq: 30467

CVE: CVE-2008-2935

Short Name
HTTP:STC:DL:GNOME-RC4-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2008-2935 GNOME Key Library Overflow Project RC4 String bid:30467 libxslt
Release Date
10/12/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Red_hat

Gentoo

Rpath

Pardus

Ubuntu

Mandriva

Xmlsoft

Debian

CVSS Score

7.5
