FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  424641
Date:      2016-10-25
Time:      17:57:29Z
Committer: feld

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

I found 2 entries for ce4b3af8-0b7c-11e1-846b-00235409fd3e. There should be only one.
VuXML IDDescription
7be92050-a450-11e2-9898-001060e06fd4libxml -- Integer overflow

Integer overflow in xpath.c, allows context-dependent attackers to to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

Discovery 2011-09-02
Entry 2011-11-10
Modified 2011-11-12
lt 1.8.17_5

lt 2.7.8

57f1a624-6197-11e1-b98c-bcaec565249clibxml2 -- heap buffer overflow

Google chrome team reports:

Heap-based buffer overflow in libxml2, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Discovery 2012-01-05
Entry 2012-02-27
lt 2.7.8_2

843a4641-9816-11e2-9c51-080027019be0libxml2 -- cpu consumption Dos

Kurt Seifried reports:

libxml2 is affected by the expansion of internal entities (which can be used to consume resources) and external entities (which can cause a denial of service against other services, be used to port scan, etc.)..

Discovery 2013-02-21
Entry 2013-03-29
lt 2.8.0