VYPR
Unrated severityNVD Advisory· Published May 23, 2008· Updated Jun 16, 2026

CVE-2008-1767

CVE-2008-1767

Description

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • cpe:2.3:o:redhat:desktop:3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*+ 9 more
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:5:*:client:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop_workstation:5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • Libxslt/libxsltllm-fuzzy
    Range: <1.1.24

Patches

Vulnerability mechanics

References

29

News mentions

0

No linked articles in our index yet.