PublicDate: 2008-05-23 15:32:00 UTC
Candidate: CVE-2008-1767
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
 https://ubuntu.com/security/notices/USN-633-1
Description:
 Buffer overflow in pattern.c in libxslt before 1.1.24 allows
 context-dependent attackers to cause a denial of service (crash) and
 possibly execute arbitrary code via an XSL style sheet file with a long
 XSLT "transformation match" condition that triggers a large number of
 steps.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/bugs/235909
Priority: low
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_libxslt:
upstream_libxslt: released (1.1.24)
dapper_libxslt: released (1.1.15-1ubuntu1.2)
feisty_libxslt: released (1.1.20-0ubuntu2.2)
gutsy_libxslt: released (1.1.21-2ubuntu2.2)
hardy_libxslt: released (1.1.22-1ubuntu1.2)
devel_libxslt: not-affected (1.1.24-1ubuntu1)