Common Vulnerabilities and Exposures assigned an identifier CVE-2004-0110 to the following vulnerability: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. References: http://www.xmlsoft.org/news.html http://www.debian.org/security/2004/dsa-455 http://security.gentoo.org/glsa/glsa-200403-01.xml http://rhn.redhat.com/errata/RHSA-2004-090.html http://www.redhat.com/support/errata/RHSA-2004-091.html http://marc.theaimsgroup.com/?l=bugtraq&m=107851606605420&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=107860178228804&w=2 http://www.redhat.com/support/errata/RHSA-2004-650.html http://www.novell.com/linux/security/advisories/2005_01_sr.html http://www.kb.cert.org/vuls/id/493966 http://www.ciac.org/ciac/bulletins/o-086.shtml http://www.securityfocus.com/bid/9718 http://secunia.com/advisories/10958/ http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:833 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:875 http://xforce.iss.net/xforce/xfdb/15301 http://xforce.iss.net/xforce/xfdb/15302
libxml-1.8.17-24.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/libxml-1.8.17-24.fc11
libxml-1.8.17-24.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/libxml-1.8.17-24.fc10
libxml-1.8.17-24.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
libxml-1.8.17-24.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This was addressed via: Red Hat Enterprise Linux version 2.1 (RHSA-2004:090 (libxml2) and RHSA-2004:650 (libxml)) Red Hat Enterprise Linux version 3 (RHSA-2004:090 (libxml2) and RHSA-2004:650 (libxml)) Red Hat Linux 9 (RHSA-2004:091)