Skip to navigation

CVE Database

CVE-2004-0989

Impact: Moderate
Public: 2004-10-26
Bugzilla: 430645: CVE-2004-0989 libxml2 various overflows

Details

The MITRE CVE dictionary describes this issue as:

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.

Find out more about CVE-2004-0989 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (libxml) RHSA-2004:650 December 16, 2004
Red Hat Enterprise Linux version 2.1 (libxml2) RHSA-2004:615 November 12, 2004
Red Hat Enterprise Linux version 3 (libxml) RHSA-2004:650 December 16, 2004
Red Hat Enterprise Linux version 3 (libxml2) RHSA-2004:615 November 12, 2004

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.