The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of libxml2: buffer overflow via entity references

Synthesis of the vulnerability 

An attacker can create an XML file containing malicious entity references, in order to execute code.
Impacted systems: Debian, VNX Operating Environment, VNX Series, Juniper J-Series, Junos OS, libxml, Mandriva Linux, openSUSE, Solaris, Pulse Connect Secure, Pulse Secure Client, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity of this alert: 2/4.
Creation date: 03/12/2012.
References of this alert: CERTA-2013-AVI-208, CERTA-2013-AVI-337, CERTA-2013-AVI-387, CERTFR-2014-AVI-112, CERTFR-2015-AVI-023, CVE-2012-5134, DSA-2019-197, DSA-2580-1, ESX400-201305001, ESX400-201305402-SG, ESX400-201305404-SG, ESX410-201304001, ESX410-201304401-SG, ESXi400-201305001, ESXi400-201305401-SG, ESXi410-201304001, ESXi410-201304401-SG, ESXi500-201303001, ESXi500-201303101-SG, ESXi500-201303102-SG, ESXi510-201304101-SG, JSA10669, MDVSA-2012:176, MDVSA-2013:056, openSUSE-SU-2012:1637-1, openSUSE-SU-2012:1647-1, openSUSE-SU-2013:0178-1, RHSA-2012:1512-01, RHSA-2013:0217-01, SA44073-2019-03, SSA:2012-341-03, SUSE-SU-2012:1636-1, SUSE-SU-2013:1625-1, SUSE-SU-2013:1627-1, VIGILANCE-VUL-12197, VMSA-2012-0018.2, VMSA-2013-0001.3, VMSA-2013-0001.5, VMSA-2013-0004, VMSA-2013-0004.1, VMSA-2013-0004.2, VMSA-2013-0004.3, VMSA-2013-0007.

Description of the vulnerability 

In an XML document, attribute values may contain entity references.

The parsing of such entity references in libxml2 is incorrect. Technical details are unknown. Notably, the upstream changes referenced in the information source do not match the most commonly used description of the error.

An attacker can therefore create an XML file containing malicious entity references, in order to execute code.
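The bulletin gives no technical details, so the following is an added illustration rather than anything from Vigil@nce or the libxml2 project. It shows, with the Python standard library's expat-based parser, that an entity declared in the document's DTD is expanded inside an attribute value (the mechanism the description refers to), and a defender-side pre-check that refuses documents carrying a DTD before they reach the full parser. The sample documents, the attribute name `title` and the entity name `greet` are constructed for the example. The pre-check limits exposure of an unpatched parser to untrusted input; it does not replace applying the vendor packages listed below.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed sample: an internal entity, declared in the DTD,
# is referenced from inside an attribute value.
SAMPLE_WITH_ENTITY = b"""<?xml version="1.0"?>
<!DOCTYPE doc [
  <!ENTITY greet "hello">
]>
<doc title="&greet; world"/>"""

# Constructed sample: the same content with no DTD and no entity reference.
SAMPLE_PLAIN = b'<?xml version="1.0"?><doc title="hello world"/>'


def parse_title(xml_bytes: bytes) -> str:
    """Parse with the standard library and return the 'title' attribute.

    The parser substitutes the entity before the attribute is handed to
    the application, so the caller sees the expanded text, not '&greet;'.
    """
    root = ET.fromstring(xml_bytes)
    return root.get("title")


def has_doctype(xml_bytes: bytes) -> bool:
    """Return True if the document declares a DTD (where entities live).

    Uses expat's doctype callback rather than a substring search, so the
    text '<!DOCTYPE' inside a comment or CDATA section does not trigger it.
    """
    found = []
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = (
        lambda name, sysid, pubid, has_internal: found.append(name)
    )
    parser.Parse(xml_bytes, True)
    return bool(found)


def parse_untrusted_title(xml_bytes: bytes) -> str:
    """Policy for untrusted input: reject any DTD, then parse normally."""
    if has_doctype(xml_bytes):
        raise ValueError("DTD / entity declarations are not accepted from untrusted sources")
    return parse_title(xml_bytes)


if __name__ == "__main__":
    print("expanded attribute:", parse_title(SAMPLE_WITH_ENTITY))
    print("plain document accepted:", parse_untrusted_title(SAMPLE_PLAIN))
    try:
        parse_untrusted_title(SAMPLE_WITH_ENTITY)
    except ValueError as exc:
        print("document with DTD rejected:", exc)
```

Rejecting the DTD outright is the coarse but reliable option when the application never needs entities; applications that do need them should apply the vendor fixes and keep entity handling confined to trusted documents.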

This threat note impacts software or systems such as Debian, VNX Operating Environment, VNX Series, Juniper J-Series, Junos OS, libxml, Mandriva Linux, openSUSE, Solaris, Pulse Connect Secure, Pulse Secure Client, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.

Our Vigil@nce team determined that the severity of this cybersecurity note is medium.

The trust level is confirmed by the editor, with a document as origin.

An attacker with expert ability can exploit this vulnerability note.

Solutions for this threat 

Debian: new libxml2 packages.
New packages are available:
  libxml2_2.7.8.dfsg-2+squeeze6

Dell EMC VNXe: version MR4 Service Pack 5.
The version MR4 Service Pack 5 is fixed:
  https://www.dell.com/support/

Junos: fixed versions for libxml2.
Fixed versions are indicated in information sources.

Mandriva Business Server: new libxml2 packages.
New packages are available:
  libxml2-2.7.8-14.20120229.2.2

Mandriva: new libxml2 packages.
New packages are available:
  libxml2-2-2.7.8-6.8-mdv2011.0

openSUSE 12: new Chromium packages.
New packages are available:
  chromium-25.0.1343.0-1.43.1

openSUSE: new libxml2 packages.
New packages are available:
  openSUSE 11.4 : libxml2-2.7.8-37.1
  openSUSE 12.2 : libxml2-2-2.7.8+git20120223-8.9.1
  openSUSE 12.1 : libxml2-2.7.8+git20110708-3.15.1

Pulse Connect Secure, Pulse Secure Desktop: fixed versions for Multiple Vulnerabilities.
Fixed versions are indicated in information sources.

RHEL 6.3: new mingw32-libxml2 packages.
New packages are available:
  mingw32-libxml2-2.7.6-6.el6_3

RHEL: new libxml2 packages.
New packages are available:
  RHEL 5 : libxml2-2.6.26-2.1.15
  RHEL 6 : libxml2-2.7.6-8

Slackware: new libxml2 packages.
New packages are available:
  ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/libxml2-2.6.32-i486-3_slack12.1.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/libxml2-2.6.32-i486-4_slack12.2.tgz
  ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libxml2-2.7.3-i486-5_slack13.0.txz
  ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libxml2-2.7.3-x86_64-5_slack13.0.txz
  ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libxml2-2.7.6-i486-3_slack13.1.txz
  ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libxml2-2.7.6-x86_64-3_slack13.1.txz
  ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libxml2-2.7.8-i486-5_slack13.37.txz
  ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libxml2-2.7.8-x86_64-5_slack13.37.txz
  ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libxml2-2.8.0-i486-2_slack14.0.txz
  ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libxml2-2.8.0-x86_64-2_slack14.0.txz

Solaris 11: version 11.1.7.5.0.
The version 11.1.7.5.0 is fixed:
  https://support.oracle.com/rs?type=doc&id=1554870.1

Solaris 9, 10: patch for libxml2.
A patch is available:
  Solaris 9 :
    SPARC: 114014-30
    X86: 114015-30
  Solaris 10 :
    SPARC: 125731-10
    X86: 125732-10

SUSE LE 10: new libxml2 packages.
New packages are available:
  libxml2-2.6.23-15.39.1

SUSE LE: new libxml2 packages.
New packages are available:
  SUSE LE 11 : libxml2-2.7.6-0.21.1
  SUSE LE 10 : libxml2-2.6.23-15.35.1

VMware ESX 4.0: patch ESX400-201305001.
A patch is available:
  ESX400-201305001.zip
  https://kb.vmware.com/kb/2044240

VMware ESX 4.1: patch ESX410-201304001.
A patch is available:
  ESX410-201304001.zip
  http://kb.vmware.com/kb/2045253

VMware ESXi 4.0: patch ESXi400-201305001.
A patch is available:
  ESXi400-201305001.zip
  https://kb.vmware.com/kb/2044246

VMware ESXi 4.1: patch ESXi410-201304001.
A patch is available:
  ESXi410-201304001.zip
  http://kb.vmware.com/kb/2045255

VMware ESXi 5.0: patch ESXi500-201303001.
A patch is available:
  http://kb.vmware.com/kb/2044373

VMware ESXi 5.1: patch ESXi510-201304101-SG.
A patch is available:
  http://kb.vmware.com/kb/2041632

Computer vulnerabilities tracking service 

Vigil@nce provides computer security alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.