CVE-2008-1767

libxslt <1.1.24 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1767. PoCs published by Anthony de Almeida Lopes.

AI-analyzed exploit summary: The provided code is a description and a minimal XSLT snippet related to CVE-2008-1767, a buffer overflow vulnerability in libxslt. It lacks exploit code or payloads, serving only as a reference or placeholder.

Description

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Anthony de Almeida Lopes · htmldoslinux
https://www.exploit-db.com/exploits/31815


Classification: Writeup 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Theoretical
Target: libxslt 1.1.23 and prior versions
No auth needed
Prerequisites: Application using vulnerable libxslt version · Ability to supply malicious XSLT input
devstral-2 · analyzed Feb 16, 2026

References (29)

Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:151
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1580/references
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020071
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31681
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/29312
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0287.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30393
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30521
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31363
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1589
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42560
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30315
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32706
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-633-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32222
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200806-02.xml
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3298
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9785
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2094/references
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2780
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30323
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3216
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31074
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2008_13_sr.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30717

Scores

EPSS 0.1279
EPSS Percentile 95.8%

Details

CWE: CWE-119
Status: published
Products (9)
redhat/desktop 3
redhat/enterprise_linux 2.1 (3 CPE variants)
redhat/enterprise_linux 3.0 (3 CPE variants)
redhat/enterprise_linux 4.0 (3 CPE variants)
redhat/enterprise_linux 5.0
redhat/enterprise_linux_desktop 4
redhat/enterprise_linux_desktop 5
redhat/enterprise_linux_desktop_workstation 5
redhat/linux_advanced_workstation 2.1
Published May 23, 2008
Tracked Since Feb 18, 2026