Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2870
HistoryAug 31, 2012 - 7:55 p.m.

CVE-2012-2870

2012-08-3119:55:00
CWE-399
[email protected]
web.nvd.nist.gov
54
cve-2012-2870
libxslt
memory management
denial of service
google chrome
vulnerability

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

References

Related

prion 1
ubuntucve 1
debiancve 1
openvas 32
osv 1
nessus 29
debian 1
gentoo 1
fedora 3
veracode 5
amazon 1
oraclelinux 1
redhat 2
centos 1
securityvulns 8
ubuntu 1
chrome 1
freebsd 1
suse 1
vmware 2
kitploit 1
tenable 1
prion
prion
Design/Logic Flaw
2012-08-31 19:55:00
ubuntucve
ubuntucve
CVE-2012-2870
2012-08-31 00:00:00
debiancve
debiancve
CVE-2012-2870
2012-08-31 19:55:00
openvas
openvas
Debian: Security Advisory (DSA-2555-1)
2012-10-13 00:00:00
Debian Security Advisory DSA 2555-1 (libxslt)
2012-10-13 00:00:00
Mandriva Update for libxslt MDVSA-2012:164 (libxslt)
2012-10-12 00:00:00
osv
osv
libxslt - several
2012-10-05 00:00:00
nessus
nessus
Debian DSA-2555-1 : libxslt - several vulnerabilities
2012-10-06 00:00:00
Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)
2012-10-12 00:00:00
Mandriva Linux Security Advisory : libxslt (MDVSA-2013:047)
2013-04-20 00:00:00
debian
debian
[SECURITY] [DSA 2555-1] libxslt security update
2012-10-05 16:45:23
gentoo
gentoo
libxslt: Denial of service
2014-01-10 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: libxslt-1.1.27-2.fc18
2012-12-09 06:31:24
[SECURITY] Fedora 17 Update: libxslt-1.1.26-10.fc17
2012-09-26 09:11:57
[SECURITY] Fedora 16 Update: libxslt-1.1.26-9.fc16
2012-09-27 04:27:12
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:43:13
Denial Of Service (DoS)
2019-05-02 04:43:13
Denial Of Service (DoS)
2019-05-02 04:43:13
amazon
amazon
Important: libxslt
2012-09-22 21:33:00
oraclelinux
oraclelinux
libxslt security update
2012-09-13 00:00:00
redhat
redhat
(RHSA-2012:1265) Important: libxslt security update
2012-09-13 00:00:00
(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update
2012-10-02 00:00:00
centos
centos
libxslt security update
2012-09-13 18:02:29
securityvulns
securityvulns
libxslt multiple security vulnerabilities
2012-10-05 00:00:00
[USN-1595-1] libxslt vulnerabilities
2012-10-05 00:00:00
Apple iTunes multiple security vulnerabilities
2014-01-29 00:00:00
ubuntu
ubuntu
libxslt vulnerabilities
2012-10-04 00:00:00
chrome
chrome
Stable Channel Update
2012-08-30 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2012-08-30 00:00:00
suse
suse
chromium: update to 21.0.1180.88 (important)
2012-09-19 11:08:47
vmware
vmware
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
VMware vSphere security updates for the authentication service and third party libraries
2013-01-31 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON
Related for CVE-2012-2870
prion1ubuntucve1debiancve1openvas32osv1nessus29debian1gentoo1fedora3veracode5amazon1oraclelinux1redhat2centos1securityvulns8ubuntu1chrome1freebsd1suse1vmware2kitploit1tenable1