CVE-2008-3281 vulnerability in Xmlsoft and Other Products
Published on August 27, 2008

libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2008-3281

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2008-3281 are published in these products:

Xmlsoft Libxml2

Apple Safari

Apple iOS

Fedora Project Fedora

Canonical Ubuntu Linux

Debian Linux

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Workstation

Red Hat Enterprise Linux Eus

VMware Esx

Exploit Probability

EPSS

0.80%

Percentile

73.83%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2008-3281 vulnerability in Xmlsoft and Other ProductsPublished on August 27, 2008

Products Associated with CVE-2008-3281

Exploit Probability

CVE-2008-3281 vulnerability in Xmlsoft and Other Products
Published on August 27, 2008