PublicDate: 2008-09-12 16:56:00 UTC
Candidate: CVE-2008-3529
References: 
 https://ubuntu.com/security/notices/USN-644-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529
Description:
 Heap-based buffer overflow in the xmlParseAttValueComplex function in
 parser.c in libxml2 before 2.7.0 allows context-dependent attackers to
 cause a denial of service (crash) or execute arbitrary code via a long XML
 entity name.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_libxml2:
upstream_libxml2: released (2.7.1)
dapper_libxml2: released (2.6.24.dfsg-1ubuntu1.3)
feisty_libxml2: released (2.6.27.dfsg-1ubuntu3.3)
gutsy_libxml2: released (2.6.30.dfsg-2ubuntu1.3)
hardy_libxml2: released (2.6.31.dfsg-2ubuntu1.2)
devel_libxml2: released (2.6.32.dfsg-2ubuntu3)