Libxml2 entity Extension Denial of Service Vulnerability (CVE-2014-3660)
Release date:
Updated on:
Affected Systems:
Libxml libxml2
Description:
Bugtraq id: 70644
CVE (CAN) ID: CVE-2014-3660
Libxml2 is an XML Parser and markup tool set.
Libxml2 has a Denial-of-Service vulnerability when processing constructed XML files. Successful exploitation can cause a large amount of CPU consumption and DOS.
Install and use libxml2 in Ubuntu 14.04
Upgrade Linux built-in libxml2 library install php-5.2.5 on RedHat Linux
Ubuntu libxml2
Use of Libxml2 in Linux
Use arm-none-linux-gnueabi in Ubuntu to cross-compile libxml2
<* Source: Netherlands Cyber Security Center
*>
Suggestion:
Vendor patch:
Libxml
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.xmlsoft.org/index.html
This article permanently updates the link address: