CVE-2008-1767
libxslt <1.1.24 - Buffer Overflow
Title source: llmDescription
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Anthony de Almeida Lopes · htmldoslinux
https://www.exploit-db.com/exploits/31815
References (29)
... and 9 more
Scores
EPSS
0.2079
EPSS Percentile
95.6%
Details
CWE
CWE-119
Status
published
Products (9)
redhat/desktop
3
redhat/enterprise_linux
2.1 (3 CPE variants)
redhat/enterprise_linux
3.0 (3 CPE variants)
redhat/enterprise_linux
4.0 (3 CPE variants)
redhat/enterprise_linux
5.0
redhat/enterprise_linux_desktop
4
redhat/enterprise_linux_desktop
5
redhat/enterprise_linux_desktop_workstation
5
redhat/linux_advanced_workstation
2.1
Published
May 23, 2008
Tracked Since
Feb 18, 2026