Red Hat Customer Portal

Skip to main content

CVE-2004-0989

Impact:
Moderate
Public Date:
2004-10-26
Bugzilla:
430645: CVE-2004-0989 libxml2 various overflows

The MITRE CVE dictionary describes this issue as:

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.

Find out more about CVE-2004-0989 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (libxml2) RHSA-2004:615 2004-11-12
Red Hat Enterprise Linux 3 (libxml) RHSA-2004:650 2004-12-16
Red Hat Enterprise Linux 2.1 (libxml2) RHSA-2004:615 2004-11-12
Red Hat Enterprise Linux 2.1 (libxml) RHSA-2004:650 2004-12-16