ID FEDORA_2012-14048.NASL Type nessus Reporter This script is Copyright (C) 2012-2021 Tenable Network Security, Inc. Modified 2012-09-27T00:00:00
Description
Lot of security fixes and a few other bugs
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-14048.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration branch: when `description` is set, the script only declares
# its metadata (IDs, references, scoring, prerequisites) and then exits via
# the exit(0) at the end of this block, so none of the host checks run.
if (description)
{
script_id(62326);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
# The CVE list is the only place in this plugin that identifies the
# individual flaws; the advisory description below does not name them.
script_cve_id("CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871");
script_bugtraq_id(47668, 51911, 54203, 55331);
script_xref(name:"FEDORA", value:"2012-14048");
script_name(english:"Fedora 16 : libxslt-1.1.26-9.fc16 (2012-14048)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
# Advisory text copied as-is; it spans several lines inside one string
# literal, so nothing may be inserted between the quotes.
script_set_attribute(
attribute:"description",
value:
"Lot of security fixes and a few other bugs
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
# One see_also entry per Red Hat Bugzilla ticket referenced by the advisory.
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=684386"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=788826"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=835982"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=852935"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=852937"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html
# NOTE(review): the shortened link below presumably redirects to the
# package-announce URL above -- confirm. It is also the only reference
# given over plain http.
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?7a8e416b"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected libxslt package."
);
# CVSS v2 base vector: network access, medium complexity, no authentication,
# partial impact on confidentiality, integrity and availability.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
# CVSS v2 temporal vector: exploitability not defined, official fix
# available, report confirmed.
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
# The two exploit attributes are literal strings fixed in the plugin text;
# nothing in this script looks them up at scan time.
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# "local": the finding is derived from data gathered on the host (see the
# required KB keys below), not from probing a network service.
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libxslt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16");
script_set_attribute(attribute:"patch_publication_date", value:"2012/09/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/27");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
# Prerequisites: ssh_get_info.nasl must run first (presumably it fills the
# Host/* KB entries -- confirm), and the three keys below must exist.
# NOTE(review): the check also reads "Host/cpu", which is not listed here;
# its absence is handled by an audit exit in the check itself.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Host check: confirm the target is a Fedora 16 host with a usable package
# list on a supported CPU, then compare the installed libxslt against the
# fixed build and report a warning when the update is missing.
#
# audit() comes from audit.inc (not shown). Every call below is used as an
# early exit: the statements that follow rely on it not returning (for
# example os_ver[1] is read right after the isnull(os_ver) guard).
#
# NOTE(review): these top-level variables are script globals; the included
# .inc files are not visible here, so the names are left unchanged.

# Gate 1: local (credentialed) checks must have been enabled for this host.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# Gate 2: the release string must exist and contain "Fedora".
# `a >!< b` is true when string a does NOT occur inside string b.
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
# Capture the numeric release that follows "release " in the string.
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
# Gate 3: only release 16 is in scope; the ([^0-9]|$) tail keeps a value
# such as "160" from matching.
if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver);
# Gate 4: without the collected rpm list there is nothing to compare.
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
# Gate 5: the architecture must be known and either contain "x86_64" or be
# exactly i386..i686; any other value exits as "not implemented".
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
# rpm_check() is defined in rpm.inc (not shown); presumably it returns true
# when the installed libxslt is older than the reference build -- confirm.
# NOTE(review): the result rests on the package list alone. The library is
# never exercised, and a process that loaded libxslt before an update is
# not detected by this comparison.
flag = 0;
if (rpm_check(release:"FC16", reference:"libxslt-1.1.26-9.fc16")) flag++;
if (flag)
{
# Report on port 0; the rpm comparison details are attached only when
# report_verbosity is above 0.
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
# No finding: a non-empty pkg_tests_get() result is reported as "tested,
# not affected"; an empty one is reported as libxslt not installed.
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxslt");
}
{"id": "FEDORA_2012-14048.NASL", "bulletinFamily": "scanner", "title": "Fedora 16 : libxslt-1.1.26-9.fc16 (2012-14048)", "description": "Lot of security fixes and a few other bugs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2012-09-27T00:00:00", "modified": "2012-09-27T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/62326", "reporter": "This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=852937", "https://bugzilla.redhat.com/show_bug.cgi?id=788826", "https://bugzilla.redhat.com/show_bug.cgi?id=835982", "http://www.nessus.org/u?7a8e416b", "https://bugzilla.redhat.com/show_bug.cgi?id=852935", "https://bugzilla.redhat.com/show_bug.cgi?id=684386"], "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "type": "nessus", "lastseen": "2021-01-12T10:10:00", "edition": 13, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "oraclelinux", "idList": ["ELSA-2012-1265"]}, {"type": "amazon", "idList": ["ALAS-2012-123"]}, {"type": "fedora", "idList": ["FEDORA:C70C120226", "FEDORA:498E820A9F", "FEDORA:6829022A44"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2012-1265.NASL", "CENTOS_RHSA-2012-1265.NASL", "SOLARIS11_LIBXSLT_20140114_2.NASL", "FEDORA_2012-15716.NASL", "ALA_ALAS-2012-123.NASL", "REDHAT-RHSA-2012-1265.NASL", "UBUNTU_USN-1595-1.NASL", "FEDORA_2012-14083.NASL", "VMWARE_VMSA-2013-0001.NASL", "SL_20120913_LIBXSLT_ON_SL5_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123820", "OPENVAS:881491", "OPENVAS:881494", "OPENVAS:864756", "OPENVAS:1361412562310881491", "OPENVAS:864750", "OPENVAS:1361412562310864750", 
"OPENVAS:1361412562310881494", "OPENVAS:1361412562310870826", "OPENVAS:1361412562310120479"]}, {"type": "ubuntu", "idList": ["USN-1595-1"]}, {"type": "centos", "idList": ["CESA-2012:1265"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28337", "SECURITYVULNS:DOC:30244", "SECURITYVULNS:DOC:27719", "SECURITYVULNS:VULN:12980", "SECURITYVULNS:VULN:12615", "SECURITYVULNS:DOC:25656", "SECURITYVULNS:DOC:26243", "SECURITYVULNS:DOC:28605", "SECURITYVULNS:VULN:12494", "SECURITYVULNS:VULN:12227"]}, {"type": "redhat", "idList": ["RHSA-2012:1265", "RHSA-2012:1325"]}, {"type": "cve", "idList": ["CVE-2012-2825", "CVE-2012-2871", "CVE-2011-3970", "CVE-2012-2870", "CVE-2011-1202"]}, {"type": "android", "idList": ["ANDROID:ANDROID_BROWSER_EXPLOIT_WEBKIT"]}, {"type": "vmware", "idList": ["VMSA-2013-0001"]}, {"type": "thn", "idList": ["THN:94494D23203FCCEB0318F9EF729CCE70"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2555-1:F69D3"]}, {"type": "gentoo", "idList": ["GLSA-201203-08"]}, {"type": "mozilla", "idList": ["MFSA2011-18"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:1215-1"]}, {"type": "freebsd", "idList": ["EE68923D-F2F5-11E1-8014-00262D5ED8EE"]}], "modified": "2021-01-12T10:10:00", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-01-12T10:10:00", "rev": 2}, "vulnersScore": 6.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-14048.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62326);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_bugtraq_id(47668, 51911, 54203, 55331);\n script_xref(name:\"FEDORA\", value:\"2012-14048\");\n\n script_name(english:\"Fedora 
16 : libxslt-1.1.26-9.fc16 (2012-14048)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Lot of security fixes and a few other bugs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=684386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=788826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=835982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852937\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a8e416b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxslt\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"libxslt-1.1.26-9.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "62326", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxslt", "cpe:/o:fedoraproject:fedora:16"], "scheme": null}
{"oraclelinux": [{"lastseen": "2019-05-29T18:39:41", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "[1.1.26-2.0.2.el6_3.1]\n- Increment release to avoid ULN conflict with previous release.\n[1.1.26-2.0.1.el6_3.1]\n- Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball\n[1.1.26-2.el6_3.1]\n- fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870\n- Fix direct pattern matching bug\n- Fix popping of vars in xsltCompilerNodePop\n- Fix bug 602515\n- Fix generate-id() to not expose object addresses (CVE-2011-1202)\n- Fix some case of pattern parsing errors (CVE-2011-3970)\n- Fix a bug in selecting XSLT elements (CVE-2012-2825)\n- Fix portability to upcoming libxml2-2.9.0\n- Fix default template processing on namespace nodes (CVE-2012-2871)\n- Cleanup of the pattern compilation code (CVE-2012-2870)\n- Hardening of code checking node types in various entry point (CVE-2012-2870)\n- Hardening of code checking node types in EXSLT (CVE-2012-2870)\n- Fix system-property with unknown namespace\n- Xsltproc should return an error code if xinclude fails\n- Fix a dictionary string usage\n- Avoid a heap use after free error", "edition": 4, "modified": "2012-09-13T00:00:00", "published": "2012-09-13T00:00:00", "id": "ELSA-2012-1265", "href": "http://linux.oracle.com/errata/ELSA-2012-1265.html", "title": "libxslt security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:35:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "**Issue Overview:**\n\nA heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. 
An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. ([CVE-2012-2871 __](<https://access.redhat.com/security/cve/CVE-2012-2871>))\n\nSeveral denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash. ([CVE-2012-2825 __](<https://access.redhat.com/security/cve/CVE-2012-2825>), [CVE-2012-2870 __](<https://access.redhat.com/security/cve/CVE-2012-2870>), [CVE-2011-3970 __](<https://access.redhat.com/security/cve/CVE-2011-3970>))\n\nAn information leak could occur if an application using libxslt processed an untrusted XPath expression, or used a malicious XSL file to perform an XSL transformation. If combined with other flaws, this leak could possibly help an attacker bypass intended memory corruption protections. 
([CVE-2011-1202 __](<https://access.redhat.com/security/cve/CVE-2011-1202>))\n\n \n**Affected Packages:** \n\n\nlibxslt\n\n \n**Issue Correction:** \nRun _yum update libxslt_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n libxslt-python-1.1.26-2.7.amzn1.i686 \n libxslt-1.1.26-2.7.amzn1.i686 \n libxslt-devel-1.1.26-2.7.amzn1.i686 \n libxslt-debuginfo-1.1.26-2.7.amzn1.i686 \n \n src: \n libxslt-1.1.26-2.7.amzn1.src \n \n x86_64: \n libxslt-devel-1.1.26-2.7.amzn1.x86_64 \n libxslt-debuginfo-1.1.26-2.7.amzn1.x86_64 \n libxslt-python-1.1.26-2.7.amzn1.x86_64 \n libxslt-1.1.26-2.7.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-09-22T21:33:00", "published": "2012-09-22T21:33:00", "id": "ALAS-2012-123", "href": "https://alas.aws.amazon.com/ALAS-2012-123.html", "title": "Important: libxslt", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T01:18:03", "description": "A heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825 ,\nCVE-2012-2870 , CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. 
(CVE-2011-1202)", "edition": 23, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : libxslt (ALAS-2012-123)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxslt-python", "p-cpe:/a:amazon:linux:libxslt", "p-cpe:/a:amazon:linux:libxslt-devel", "p-cpe:/a:amazon:linux:libxslt-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-123.NASL", "href": "https://www.tenable.com/plugins/nessus/69613", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-123.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69613);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_xref(name:\"ALAS\", value:\"2012-123\");\n script_xref(name:\"RHSA\", value:\"2012:1265\");\n\n script_name(english:\"Amazon Linux AMI : libxslt (ALAS-2012-123)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. 
An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825 ,\nCVE-2012-2870 , CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-123.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update libxslt' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxslt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"libxslt-1.1.26-2.7.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxslt-debuginfo-1.1.26-2.7.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxslt-devel-1.1.26-2.7.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libxslt-python-1.1.26-2.7.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt / libxslt-debuginfo / libxslt-devel / libxslt-python\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:46:50", "description": "A heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. 
An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll running applications linked against libxslt must be restarted for\nthis update to take effect.", "edition": 14, "published": "2012-09-15T00:00:00", "title": "Scientific Linux Security Update : libxslt on SL5.x, SL6.x i386/x86_64 (20120913)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-15T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libxslt-python", "p-cpe:/a:fermilab:scientific_linux:libxslt-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:libxslt"], "id": "SL_20120913_LIBXSLT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62107);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n\n script_name(english:\"Scientific Linux Security Update : libxslt on SL5.x, SL6.x i386/x86_64 (20120913)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. 
(CVE-2011-1202)\n\nAll running applications linked against libxslt must be restarted for\nthis update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1209&L=scientific-linux-errata&T=0&P=2008\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd6354fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libxslt, libxslt-devel and / or libxslt-python\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"libxslt-1.1.17-4.el5_8.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libxslt-devel-1.1.17-4.el5_8.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libxslt-python-1.1.17-4.el5_8.3\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"libxslt-1.1.26-2.el6_3.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxslt-devel-1.1.26-2.el6_3.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libxslt-python-1.1.26-2.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, 
tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt / libxslt-devel / libxslt-python\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:07", "description": "Fix a default namespace regression in 1.1.27 Upstream new release also\nincluding a number of security fixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-12-10T00:00:00", "title": "Fedora 18 : libxslt-1.1.27-2.fc18 (2012-15716)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-12-10T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:libxslt"], "id": "FEDORA_2012-15716.NASL", "href": "https://www.tenable.com/plugins/nessus/63195", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-15716.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63195);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_bugtraq_id(47668, 51911, 54203, 55331);\n script_xref(name:\"FEDORA\", value:\"2012-15716\");\n\n script_name(english:\"Fedora 18 : libxslt-1.1.27-2.fc18 (2012-15716)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"Fix a default namespace regression in 1.1.27 Upstream new release also\nincluding a number of security fixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=684386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=788826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=835982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852937\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-December/094237.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?283d32f5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2012/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"libxslt-1.1.27-2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:01", "description": "Lot of security fixes and a few other bugs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-09-27T00:00:00", "title": "Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-27T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:libxslt"], "id": "FEDORA_2012-14083.NASL", "href": "https://www.tenable.com/plugins/nessus/62328", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-14083.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62328);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_bugtraq_id(47668, 51911, 54203, 55331);\n script_xref(name:\"FEDORA\", value:\"2012-14083\");\n\n script_name(english:\"Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Lot of security fixes and a few other bugs\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=684386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=788826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=835982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=852937\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-September/088273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6ba3e29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n 
script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"libxslt-1.1.26-10.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:38:29", "description": "Chris Evans discovered that libxslt incorrectly handled generate-id\nXPath functions. If a user or automated system were tricked into\nprocessing a specially crafted XSLT document, a remote attacker could\nobtain potentially sensitive information. This issue only affected\nUbuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\nIt was discovered that libxslt incorrectly parsed certain patterns. 
If\na user or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service. (CVE-2011-3970)\n\nNicholas Gregoire discovered that libxslt incorrectly handled\nunexpected DTD nodes. If a user or automated system were tricked into\nprocessing a specially crafted XSLT document, a remote attacker could\ncause libxslt to crash, causing a denial of service. (CVE-2012-2825)\n\nNicholas Gregoire discovered that libxslt incorrectly managed memory.\nIf a user or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service. (CVE-2012-2870)\n\nNicholas Gregoire discovered that libxslt incorrectly handled certain\ntransforms. If a user or automated system were tricked into processing\na specially crafted XSLT document, a remote attacker could cause\nlibxslt to crash, causing a denial of service, or possibly execute\narbitrary code. (CVE-2012-2871)\n\nCris Neckar discovered that libxslt incorrectly managed memory. If a\nuser or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service, or possibly execute arbitrary code.\n(CVE-2012-2893).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-10-05T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxslt vulnerabilities (USN-1595-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libxslt1.1", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1595-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62435", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1595-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62435);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_bugtraq_id(47668, 51911, 54203, 55331, 55676);\n script_xref(name:\"USN\", value:\"1595-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxslt vulnerabilities (USN-1595-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chris Evans discovered that libxslt incorrectly handled generate-id\nXPath functions. If a user or automated system were tricked into\nprocessing a specially crafted XSLT document, a remote attacker could\nobtain potentially sensitive information. This issue only affected\nUbuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\nIt was discovered that libxslt incorrectly parsed certain patterns. If\na user or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service. (CVE-2011-3970)\n\nNicholas Gregoire discovered that libxslt incorrectly handled\nunexpected DTD nodes. If a user or automated system were tricked into\nprocessing a specially crafted XSLT document, a remote attacker could\ncause libxslt to crash, causing a denial of service. (CVE-2012-2825)\n\nNicholas Gregoire discovered that libxslt incorrectly managed memory.\nIf a user or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service. 
(CVE-2012-2870)\n\nNicholas Gregoire discovered that libxslt incorrectly handled certain\ntransforms. If a user or automated system were tricked into processing\na specially crafted XSLT document, a remote attacker could cause\nlibxslt to crash, causing a denial of service, or possibly execute\narbitrary code. (CVE-2012-2871)\n\nCris Neckar discovered that libxslt incorrectly managed memory. If a\nuser or automated system were tricked into processing a specially\ncrafted XSLT document, a remote attacker could cause libxslt to crash,\ncausing a denial of service, or possibly execute arbitrary code.\n(CVE-2012-2893).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1595-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt1.1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxslt1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.22-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.26-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.26-6ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libxslt1.1\", pkgver:\"1.1.26-7ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.26-8ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt1.1\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:47:09", "description": "From Red Hat Security Advisory 2012:1265 :\n\nUpdated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. 
An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update\nto take effect.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : libxslt (ELSA-2012-1265)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:libxslt-devel", "p-cpe:/a:oracle:linux:libxslt-python", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:libxslt"], "id": "ORACLELINUX_ELSA-2012-1265.NASL", "href": "https://www.tenable.com/plugins/nessus/68622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1265 and \n# Oracle Linux Security Advisory ELSA-2012-1265 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68622);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_bugtraq_id(46785, 47668, 51911, 54203, 55331);\n script_xref(name:\"RHSA\", value:\"2012:1265\");\n\n script_name(english:\"Oracle Linux 5 / 6 : libxslt (ELSA-2012-1265)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1265 :\n\nUpdated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as 
having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-September/003029.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"libxslt-1.1.17-4.0.1.el5_8.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libxslt-devel-1.1.17-4.0.1.el5_8.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libxslt-python-1.1.17-4.0.1.el5_8.3\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"libxslt-1.1.26-2.0.2.el6_3.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxslt-devel-1.1.26-2.0.2.el6_3.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libxslt-python-1.1.26-2.0.2.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) 
security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt / libxslt-devel / libxslt-python\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:28:00", "description": "Updated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. 
If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. All running\napplications linked against libxslt must be restarted for this update\nto take effect.", "edition": 24, "published": "2012-09-14T00:00:00", "title": "CentOS 5 / 6 : libxslt (CESA-2012:1265)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-14T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxslt-python", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:libxslt-devel", "p-cpe:/a:centos:centos:libxslt", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1265.NASL", "href": "https://www.tenable.com/plugins/nessus/62085", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1265 and \n# CentOS Errata and Security Advisory 2012:1265 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62085);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_bugtraq_id(46785, 47668, 51911, 54203, 55331);\n script_xref(name:\"RHSA\", value:\"2012:1265\");\n\n script_name(english:\"CentOS 5 / 6 : libxslt (CESA-2012:1265)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"Updated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update\nto take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1ab0b2f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?81160a90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2871\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"libxslt-1.1.17-4.el5_8.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libxslt-devel-1.1.17-4.el5_8.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libxslt-python-1.1.17-4.el5_8.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"libxslt-1.1.26-2.el6_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxslt-devel-1.1.26-2.el6_3.1\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libxslt-python-1.1.26-2.el6_3.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt / libxslt-devel / 
libxslt-python\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:11:08", "description": "Updated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update\nto take effect.", "edition": 24, "published": "2012-09-14T00:00:00", "title": "RHEL 5 / 6 : libxslt (RHSA-2012:1265)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-14T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:libxslt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libxslt-devel", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:libxslt-python", "p-cpe:/a:redhat:enterprise_linux:libxslt"], "id": "REDHAT-RHSA-2012-1265.NASL", "href": "https://www.tenable.com/plugins/nessus/62090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1265. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62090);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_bugtraq_id(46785, 47668, 51911, 54203, 55331);\n script_xref(name:\"RHSA\", value:\"2012:1265\");\n\n script_name(english:\"RHEL 5 / 6 : libxslt (RHSA-2012:1265)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxslt packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nlibxslt is a library for transforming XML files into other textual\nformats (including HTML, plain text, and other XML representations of\nthe underlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could\nuse this flaw to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation,\ncould cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. 
An attacker\ncould use these flaws to create a malicious XSL file that, when used\nby an application linked against libxslt to perform an XSL\ntransformation, could cause the application to crash. (CVE-2012-2825,\nCVE-2012-2870, CVE-2011-3970)\n\nAn information leak could occur if an application using libxslt\nprocessed an untrusted XPath expression, or used a malicious XSL file\nto perform an XSL transformation. If combined with other flaws, this\nleak could possibly help an attacker bypass intended memory corruption\nprotections. (CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. All running\napplications linked against libxslt must be restarted for this update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2893\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxslt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1265\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"libxslt-1.1.17-4.el5_8.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libxslt-debuginfo-1.1.17-4.el5_8.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"libxslt-devel-1.1.17-4.el5_8.3\")) flag++;\n\n if 
(rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libxslt-python-1.1.17-4.el5_8.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"libxslt-python-1.1.17-4.el5_8.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libxslt-python-1.1.17-4.el5_8.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"libxslt-1.1.26-2.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libxslt-debuginfo-1.1.26-2.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libxslt-devel-1.1.26-2.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"libxslt-python-1.1.26-2.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"libxslt-python-1.1.26-2.el6_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"libxslt-python-1.1.26-2.el6_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt / libxslt-debuginfo / libxslt-devel / libxslt-python\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:01:04", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The xsltGenerateIdFunction function in functions.c in\n libxslt 1.1.26 and earlier, as used in Google Chrome\n before 10.0.648.127 and other products, allows remote\n attackers to obtain potentially sensitive information\n about heap memory addresses via an XML document\n containing a call to the XSLT generate-id XPath\n function. 
(CVE-2011-1202)\n\n - The XSL implementation in Google Chrome before\n 20.0.1132.43 allows remote attackers to cause a denial\n of service (incorrect read operation) via unspecified\n vectors. (CVE-2012-2825)\n\n - libxslt 1.1.26 and earlier, as used in Google Chrome\n before 21.0.1180.89, does not properly manage memory,\n which might allow remote attackers to cause a denial of\n service (application crash) via a crafted XSLT\n expression that is not properly identified during XPath\n navigation, related to (1) the\n xsltCompileLocationPathPattern function in\n libxslt/pattern.c and (2) the xsltGenerateIdFunction\n function in libxslt/functions.c. (CVE-2012-2870)\n\n - libxml2 2.9.0-rc1 and earlier, as used in Google Chrome\n before 21.0.1180.89, does not properly support a cast of\n an unspecified variable during handling of XSL\n transforms, which allows remote attackers to cause a\n denial of service or possibly have unknown other impact\n via a crafted document, related to the _xmlNs data\n structure in include/libxml/tree.h. 
(CVE-2012-2871)\n\n - Double free vulnerability in libxslt, as used in Google\n Chrome before 22.0.1229.79, allows remote attackers to\n cause a denial of service or possibly have unspecified\n other impact via vectors related to XSL transforms.\n (CVE-2012-2893)", "edition": 24, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2012-2870"], "modified": "2015-01-19T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:libxslt", "cpe:/o:oracle:solaris:11.1"], "id": "SOLARIS11_LIBXSLT_20140114_2.NASL", "href": "https://www.tenable.com/plugins/nessus/80695", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80695);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The xsltGenerateIdFunction function in functions.c in\n libxslt 1.1.26 and earlier, as used in Google Chrome\n before 10.0.648.127 and other products, allows remote\n attackers to obtain 
potentially sensitive information\n about heap memory addresses via an XML document\n containing a call to the XSLT generate-id XPath\n function. (CVE-2011-1202)\n\n - The XSL implementation in Google Chrome before\n 20.0.1132.43 allows remote attackers to cause a denial\n of service (incorrect read operation) via unspecified\n vectors. (CVE-2012-2825)\n\n - libxslt 1.1.26 and earlier, as used in Google Chrome\n before 21.0.1180.89, does not properly manage memory,\n which might allow remote attackers to cause a denial of\n service (application crash) via a crafted XSLT\n expression that is not properly identified during XPath\n navigation, related to (1) the\n xsltCompileLocationPathPattern function in\n libxslt/pattern.c and (2) the xsltGenerateIdFunction\n function in libxslt/functions.c. (CVE-2012-2870)\n\n - libxml2 2.9.0-rc1 and earlier, as used in Google Chrome\n before 21.0.1180.89, does not properly support a cast of\n an unspecified variable during handling of XSL\n transforms, which allows remote attackers to cause a\n denial of service or possibly have unknown other impact\n via a crafted document, related to the _xmlNs data\n structure in include/libxml/tree.h. 
(CVE-2012-2871)\n\n - Double free vulnerability in libxslt, as used in Google\n Chrome before 22.0.1229.79, allows remote attackers to\n cause a denial of service or possibly have unspecified\n other impact via vectors related to XSL transforms.\n (CVE-2012-2893)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-libxslt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6f9485f8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.4.5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:libxslt\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) 
audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^libxslt$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.4.0.5.0\", sru:\"SRU 4.5\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : libxslt\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"libxslt\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:59:43", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in several components and\nthird-party libraries :\n\n - Authentication Service\n - bind\n - libxml2\n - libxslt", "edition": 24, "published": "2016-03-04T00:00:00", "title": "VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_ESX_VMSA-2013-0001_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89661", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89661);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2011-1202\",\n \"CVE-2011-3102\",\n \"CVE-2011-3970\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n 
\"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-4244\",\n \"CVE-2013-1405\"\n );\n script_bugtraq_id(\n 47668, \n 51911, \n 53540, \n 54203, \n 54718, \n 55331, \n 55522, \n 57666\n );\n script_xref(name:\"VMSA\", value:\"2013-0001\");\n\n script_name(english:\"VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)\");\n script_summary(english:\"Checks the version and build numbers of the remote host.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in several components and\nthird-party libraries :\n\n - Authentication Service\n - bind\n - libxml2\n - libxslt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2013-0001.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX version 3.5 / 4.0 / 4.1 or ESXi version 3.5 / 4.0 /\n4.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\nesx = '';\nbuild = 0;\nfix = FALSE;\n\nif (\"ESX\" >!< rel)\n audit(AUDIT_OS_NOT, \"VMware ESX/ESXi\");\n\nextract = eregmatch(pattern:\"^(ESXi?) (\\d\\.\\d).*$\", string:ver);\nif (empty_or_null(extract))\n audit(AUDIT_UNKNOWN_APP_VER, \"VMware ESX/ESXi\");\n\nesx = extract[1];\nver = extract[2];\n\nextract = eregmatch(pattern:'^VMware ESXi?.* build-([0-9]+)$', string:rel);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_BUILD, \"VMware \" + esx, ver);\n\nbuild = int(extract[1]);\n\nfixes = make_array(\n \"4.0\", 989856,\n \"4.1\", 988178,\n \"3.5\", 988599\n);\n\nfix = fixes[ver];\n\nif (!fix)\n audit(AUDIT_INST_VER_NOT_VULN, esx, ver, build);\n\nif (build < fix)\n{\n report = '\\n Version : ' + esx + \" \" + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n exit(0);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-06T13:07:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Check for the Version 
of libxslt", "modified": "2018-01-04T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:881491", "href": "http://plugins.openvas.org/nasl.php?oid=881491", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. 
An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n \n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n \n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n \n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. 
All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\");\n script_id(881491);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:44:21 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120479", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120479", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-123)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120479\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:27:23 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-123)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in libxslt. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update libxslt to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-123.html\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2871\", \"CVE-2012-2870\", \"CVE-2012-2825\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", 
rpm:\"libxslt-python~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Check for the Version of libxslt", "modified": "2017-12-29T00:00:00", "published": "2012-09-27T00:00:00", "id": "OPENVAS:864750", "href": "http://plugins.openvas.org/nasl.php?oid=864750", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14083", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libxslt on Fedora 17\";\ntag_insight = \"This C library allows to transform XML files into other XML files\n (or HTML, text, ...) using the standard XSLT stylesheet transformation\n mechanism. To use it you need to have a version of libxml2 >= 2.6.27\n installed. The xsltproc command is a command line interface to the XSLT engine\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088273.html\");\n script_id(864750);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:05:40 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-14083\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14083\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n 
script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~10.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "The remote host is missing an update for the 'libxslt' package(s) announced via the referenced advisory.", "modified": "2018-11-23T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:1361412562310870826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870826", "type": "openvas", "title": "RedHat Update for libxslt RHSA-2012:1265-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxslt RHSA-2012:1265-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870826\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:40:43 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\",\n \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1265-01\");\n script_name(\"RedHat Update for libxslt RHSA-2012:1265-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"libxslt on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. 
All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Oracle Linux Local Security Checks ELSA-2012-1265", "modified": 
"2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123820", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1265", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1265.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123820\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:59 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1265\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1265 - libxslt security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1265\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1265.html\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != 
NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "The remote host is missing an update for the 'libxslt' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:1361412562310881494", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881494", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881494\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:53 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\",\n \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"libxslt on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n 
mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. 
All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Check for the Version of libxslt", "modified": "2017-12-28T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:870826", "href": "http://plugins.openvas.org/nasl.php?oid=870826", "type": "openvas", "title": "RedHat Update for libxslt RHSA-2012:1265-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxslt RHSA-2012:1265-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in 
the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. 
All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html\");\n script_id(870826);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:40:43 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\",\n \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1265-01\");\n script_name(\"RedHat Update for libxslt RHSA-2012:1265-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:58:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Check for the Version of libxslt", "modified": "2018-01-03T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:881494", "href": "http://plugins.openvas.org/nasl.php?oid=881494", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt 
CESA-2012:1265 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n \n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. 
(CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n \n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n \n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\");\n script_id(881494);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:53 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\",\n \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:1361412562310881491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881491", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed 
in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881491\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:44:21 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"libxslt on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into 
other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. 
All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-09-27T00:00:00", "id": "OPENVAS:1361412562310864750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864750", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14083", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software 
Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088273.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864750\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:05:40 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-14083\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14083\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"libxslt on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", 
value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~10.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >= 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine ", "modified": "2012-09-27T04:27:12", "published": "2012-09-27T04:27:12", "id": "FEDORA:498E820A9F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: libxslt-1.1.26-9.fc16", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >= 2.6.27 installed. 
The xsltproc command is a command line interface to the XSLT engine ", "modified": "2012-09-26T09:11:57", "published": "2012-09-26T09:11:57", "id": "FEDORA:6829022A44", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: libxslt-1.1.26-10.fc17", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >= 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine ", "modified": "2012-12-09T06:31:24", "published": "2012-12-09T06:31:24", "id": "FEDORA:C70C120226", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: libxslt-1.1.27-2.fc18", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:22", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Chris Evans discovered that libxslt incorrectly handled generate-id XPath \nfunctions. If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could obtain potentially \nsensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu \n10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\nIt was discovered that libxslt incorrectly parsed certain patterns. If a \nuser or automated system were tricked into processing a specially crafted \nXSLT document, a remote attacker could cause libxslt to crash, causing a \ndenial of service. (CVE-2011-3970)\n\nNicholas Gregoire discovered that libxslt incorrectly handled unexpected \nDTD nodes. 
If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could cause libxslt to \ncrash, causing a denial of service. (CVE-2012-2825)\n\nNicholas Gregoire discovered that libxslt incorrectly managed memory. If a \nuser or automated system were tricked into processing a specially crafted \nXSLT document, a remote attacker could cause libxslt to crash, causing a \ndenial of service. (CVE-2012-2870)\n\nNicholas Gregoire discovered that libxslt incorrectly handled certain \ntransforms. If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could cause libxslt to \ncrash, causing a denial of service, or possibly execute arbitrary code. \n(CVE-2012-2871)\n\nCris Neckar discovered that libxslt incorrectly managed memory. If a user \nor automated system were tricked into processing a specially crafted XSLT \ndocument, a remote attacker could cause libxslt to crash, causing a denial \nof service, or possibly execute arbitrary code. (CVE-2012-2893)", "edition": 5, "modified": "2012-10-04T00:00:00", "published": "2012-10-04T00:00:00", "id": "USN-1595-1", "href": "https://ubuntu.com/security/notices/USN-1595-1", "title": "libxslt vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:26:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1265\n\n\nlibxslt is a library for transforming XML files into other textual formats\n(including HTML, plain text, and other XML representations of the\nunderlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. 
An attacker could use\nthis flaw to create a malicious XSL file that, when used by an application\nlinked against libxslt to perform an XSL transformation, could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker could\nuse these flaws to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation, could\ncause the application to crash. (CVE-2012-2825, CVE-2012-2870,\nCVE-2011-3970)\n\nAn information leak could occur if an application using libxslt processed\nan untrusted XPath expression, or used a malicious XSL file to perform an\nXSL transformation. If combined with other flaws, this leak could possibly\nhelp an attacker bypass intended memory corruption protections.\n(CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/030909.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/030911.html\n\n**Affected packages:**\nlibxslt\nlibxslt-devel\nlibxslt-python\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1265.html", "edition": 5, "modified": "2012-09-13T20:54:25", "published": "2012-09-13T18:02:29", "href": "http://lists.centos.org/pipermail/centos-announce/2012-September/030909.html", "id": "CESA-2012:1265", "title": "libxslt security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "Information leakages, DoS conditions, memory corruptions.", "edition": 1, "modified": "2012-10-05T00:00:00", "published": "2012-10-05T00:00:00", "id": "SECURITYVULNS:VULN:12615", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12615", "title": "libxslt multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1595-1\r\nOctober 04, 2012\r\n\r\nlibxslt vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 11.10\r\n- Ubuntu 
11.04\r\n- Ubuntu 10.04 LTS\r\n- Ubuntu 8.04 LTS\r\n\r\nSummary:\r\n\r\nApplications using libxslt could be made to crash or run programs as your\r\nlogin if they processed a specially crafted file.\r\n\r\nSoftware Description:\r\n- libxslt: XSLT processing library\r\n\r\nDetails:\r\n\r\nChris Evans discovered that libxslt incorrectly handled generate-id XPath\r\nfunctions. If a user or automated system were tricked into processing a\r\nspecially crafted XSLT document, a remote attacker could obtain potentially\r\nsensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu\r\n10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\r\n\r\nIt was discovered that libxslt incorrectly parsed certain patterns. If a\r\nuser or automated system were tricked into processing a specially crafted\r\nXSLT document, a remote attacker could cause libxslt to crash, causing a\r\ndenial of service. (CVE-2011-3970)\r\n\r\nNicholas Gregoire discovered that libxslt incorrectly handled unexpected\r\nDTD nodes. If a user or automated system were tricked into processing a\r\nspecially crafted XSLT document, a remote attacker could cause libxslt to\r\ncrash, causing a denial of service. (CVE-2012-2825)\r\n\r\nNicholas Gregoire discovered that libxslt incorrectly managed memory. If a\r\nuser or automated system were tricked into processing a specially crafted\r\nXSLT document, a remote attacker could cause libxslt to crash, causing a\r\ndenial of service. (CVE-2012-2870)\r\n\r\nNicholas Gregoire discovered that libxslt incorrectly handled certain\r\ntransforms. If a user or automated system were tricked into processing a\r\nspecially crafted XSLT document, a remote attacker could cause libxslt to\r\ncrash, causing a denial of service, or possibly execute arbitrary code.\r\n(CVE-2012-2871)\r\n\r\nCris Neckar discovered that libxslt incorrectly managed memory. 
If a user\r\nor automated system were tricked into processing a specially crafted XSLT\r\ndocument, a remote attacker could cause libxslt to crash, causing a denial\r\nof service, or possibly execute arbitrary code. (CVE-2012-2893)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.04 LTS:\r\n libxslt1.1 1.1.26-8ubuntu1.2\r\n\r\nUbuntu 11.10:\r\n libxslt1.1 1.1.26-7ubuntu0.1\r\n\r\nUbuntu 11.04:\r\n libxslt1.1 1.1.26-6ubuntu0.1\r\n\r\nUbuntu 10.04 LTS:\r\n libxslt1.1 1.1.26-1ubuntu1.1\r\n\r\nUbuntu 8.04 LTS:\r\n libxslt1.1 1.1.22-1ubuntu1.3\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1595-1\r\n CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870,\r\n CVE-2012-2871, CVE-2012-2893\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libxslt/1.1.26-8ubuntu1.2\r\n https://launchpad.net/ubuntu/+source/libxslt/1.1.26-7ubuntu0.1\r\n https://launchpad.net/ubuntu/+source/libxslt/1.1.26-6ubuntu0.1\r\n https://launchpad.net/ubuntu/+source/libxslt/1.1.26-1ubuntu1.1\r\n https://launchpad.net/ubuntu/+source/libxslt/1.1.22-1ubuntu1.3\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "modified": "2012-10-05T00:00:00", "published": "2012-10-05T00:00:00", "id": "SECURITYVULNS:DOC:28605", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28605", "title": "[USN-1595-1] libxslt vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-2825"], "description": "No description provided", "edition": 1, "modified": "2012-07-30T00:00:00", 
"published": "2012-07-30T00:00:00", "id": "SECURITYVULNS:VULN:12494", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12494", "title": "libxslt DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-2825"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:109\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : libxslt\r\n Date : July 23, 2012\r\n Affected: 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been discovered and corrected in libxslt:\r\n \r\n The XSL implementation in libxslt allows remote attackers to cause a\r\n denial of service (incorrect read operation) via unspecified vectors\r\n (CVE-2012-2825).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2011:\r\n 5478c30ece46a9790270b60d7e596d97 2011/i586/libxslt1-1.1.26-4.2-mdv2011.0.i586.rpm\r\n 1c36a1e2dbbce726b348bdfc7be0cf00 2011/i586/libxslt-devel-1.1.26-4.2-mdv2011.0.i586.rpm\r\n c6e1622a15d00cfb756552e6d460427d 2011/i586/python-libxslt-1.1.26-4.2-mdv2011.0.i586.rpm\r\n 3a64731760598b368609c318c57d897f 2011/i586/xsltproc-1.1.26-4.2-mdv2011.0.i586.rpm \r\n d5b59fa350c0a3b58b46ea7d0f2d77cf 2011/SRPMS/libxslt-1.1.26-4.2.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 
cf3431f296bfb9ed3e819d996ece1285 2011/x86_64/lib64xslt1-1.1.26-4.2-mdv2011.0.x86_64.rpm\r\n f0b2203f52383de39d57acf2ef616e91 2011/x86_64/lib64xslt-devel-1.1.26-4.2-mdv2011.0.x86_64.rpm\r\n 0bf58a5c43e2a00252abbcd9614ed249 2011/x86_64/python-libxslt-1.1.26-4.2-mdv2011.0.x86_64.rpm\r\n 79b4f442e57ae917cc10f62496f7c157 2011/x86_64/xsltproc-1.1.26-4.2-mdv2011.0.x86_64.rpm \r\n d5b59fa350c0a3b58b46ea7d0f2d77cf 2011/SRPMS/libxslt-1.1.26-4.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 9812c69006dc5f1a70343f9ddf6782fb mes5/i586/libxslt1-1.1.24-3.2mdvmes5.2.i586.rpm\r\n 9136b7990be6055a73b04442ca43c502 mes5/i586/libxslt-devel-1.1.24-3.2mdvmes5.2.i586.rpm\r\n 449579ced2ab4f715ab7e7ff3285c311 mes5/i586/libxslt-proc-1.1.24-3.2mdvmes5.2.i586.rpm\r\n 7bf549969ace3d5a4e00a2755f062dec mes5/i586/python-libxslt-1.1.24-3.2mdvmes5.2.i586.rpm \r\n 36713ea60977852e9da45fcac1cd65fe mes5/SRPMS/libxslt-1.1.24-3.2mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n c7a3d34d5f3690c98cf56e81dc19c11d mes5/x86_64/lib64xslt1-1.1.24-3.2mdvmes5.2.x86_64.rpm\r\n cf4b8b1e4df4425a51cf0ffc593f5038 mes5/x86_64/lib64xslt-devel-1.1.24-3.2mdvmes5.2.x86_64.rpm\r\n 1f00c1a5519ecb8e9d77c9a4bfd002bb mes5/x86_64/libxslt-proc-1.1.24-3.2mdvmes5.2.x86_64.rpm\r\n d1b80cce3d860813a2deb3dd9210a26e mes5/x86_64/python-libxslt-1.1.24-3.2mdvmes5.2.x86_64.rpm \r\n 36713ea60977852e9da45fcac1cd65fe mes5/SRPMS/libxslt-1.1.24-3.2mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. 
You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFQDUcimqjQ0CJFipgRAr6AAKDEE/LN+SMYOh664q7Cqt2mwvkWeACguH08\r\naWQk6J0i7d19MsDlSF3V2Ec=\r\n=iUm3\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-07-30T00:00:00", "published": "2012-07-30T00:00:00", "id": "SECURITYVULNS:DOC:28337", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28337", "title": "[ MDVSA-2012:109 ] libxslt", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2011-3970"], "description": "No description provided", "edition": 1, "modified": "2012-03-09T00:00:00", "published": "2012-03-09T00:00:00", "id": "SECURITYVULNS:VULN:12227", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12227", "title": "libxslt out-of-bounds read", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2011-3970"], "description": "iDefense Security Advisory 02.08.11\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nFeb 08, 2011\r\n\r\nI. BACKGROUND\r\n\r\nThe Windows Picture and Fax Viewer "shimgvw.dll" library is used by\r\nWindows Explorer to generate thumbnail previews for media files.\r\n\r\nII. 
DESCRIPTION\r\n\r\nRemote exploitation of a buffer overflow vulnerability in multiple\r\nversions of Microsoft Corp.'s Windows could allow attackers to execute\r\narbitrary code on the targeted host. <BR><BR> An integer overflow\r\nvulnerability exists in the "shimgvw" library. During the processing of\r\nan image within a certain function, a bitmap containing a large\r\n"biWidth" value can be used to cause an integer calculation overflow.\r\nThis condition can lead to the overflow of a heap buffer and may result\r\nin the execute arbitrary code on the targeted host.\r\n\r\nIII. ANALYSIS\r\n\r\nExploitation could allow attackers to execute arbitrary code on the\r\ntargeted host under the privileges of the current logged-on user.\r\nSuccessful exploitation would require the attacker to entice his or her\r\nvictim into viewing a specially-crafted thumbnail leveraging the\r\nvulnerability. <BR><BR> Some vectors of attack include e-mail, the\r\nbrowser and network shares. In an e-mail-based attack, the attacker\r\nmust entice his or her victim into opening or previewing a\r\nspecially-crafted Office document containing a specially-crafted\r\nthumbnail. In a browser-based attack, the victim must simply view a\r\nmaliciously crafted website. In a network share attack, such as UNC or\r\nWebDAV, an attacker would require the victim to simply navigate to the\r\nfolder containing the crafted thumbnail.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed the existence of this vulnerability in Microsoft\r\nWindows XP SP3. A full list of vulnerable Microsoft products can be\r\nfound in Microsoft Security Bulletin MS11-006.\r\n\r\nV. WORKAROUND\r\n\r\nMicrosoft has included an automated Microsoft Fix it solution for the\r\nModify the Access Control List (ACL) on shimgvw.dll workaround, which\r\ncan be found at the following link:\r\n\r\nhttp://support.microsoft.com/kb/2483185\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nMicrosoft Corp. 
has released patches which address this issue.\r\nInformation about downloadable vendor updates can be found by clicking\r\non the URLs shown.\r\n\r\nhttp://www.microsoft.com/technet/security/bulletin/ms11-006.mspx\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CVE-2011-3970 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org/), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n01/12/2011 Initial Vendor Notification\r\n01/12/2011 Initial Vendor Reply\r\n02/08/2011 Coordinated Public Disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to iDefense by Kobi Pariente and Yaniv\r\nMiron.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2011 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically,\r\nplease e-mail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\n There are no warranties with regard to this information. 
Neither the\r\nauthor nor the publisher accepts any liability for any direct,\r\nindirect, or consequential loss or damage arising from use of, or\r\nreliance on, this information.", "edition": 1, "modified": "2011-02-11T00:00:00", "published": "2011-02-11T00:00:00", "id": "SECURITYVULNS:DOC:25656", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25656", "title": "iDefense Security Advisory 02.08.11: Microsoft Windows Picture and Fax Viewer Library", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-3970"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:028\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : libxslt\r\n Date : March 1, 2012\r\n Affected: 2010.1, 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in libxslt:\r\n \r\n libxslt allows remote attackers to cause a denial of service\r\n (out-of-bounds read) via unspecified vectors (CVE-2011-3970).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.1:\r\n 7105403e6d3766f56733500bc390b57d 2010.1/i586/libxslt1-1.1.26-2.1mdv2010.2.i586.rpm\r\n fe6398d612630b8830a3d4f38baab0a9 2010.1/i586/libxslt-devel-1.1.26-2.1mdv2010.2.i586.rpm\r\n bf669c0f2e3c19e0423f4d58aaf5528b 
2010.1/i586/python-libxslt-1.1.26-2.1mdv2010.2.i586.rpm\r\n 350006eef33b8f9635784ce2b8b7294c 2010.1/i586/xsltproc-1.1.26-2.1mdv2010.2.i586.rpm \r\n cbf2bd0f097af0fd7561733e8c0c22f7 2010.1/SRPMS/libxslt-1.1.26-2.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n 3139811d767ff8989b2946a8d1d19586 2010.1/x86_64/lib64xslt1-1.1.26-2.1mdv2010.2.x86_64.rpm\r\n ef13c6145ac33b1e3801d40af2f42bdb 2010.1/x86_64/lib64xslt-devel-1.1.26-2.1mdv2010.2.x86_64.rpm\r\n a76dcaf17801b80d5876d34b43afb79c 2010.1/x86_64/python-libxslt-1.1.26-2.1mdv2010.2.x86_64.rpm\r\n 1085bd30db1a1cb27d73a7e7592d19b2 2010.1/x86_64/xsltproc-1.1.26-2.1mdv2010.2.x86_64.rpm \r\n cbf2bd0f097af0fd7561733e8c0c22f7 2010.1/SRPMS/libxslt-1.1.26-2.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2011:\r\n 7fe61ac2a16098bfbcedfeb4836d51b5 2011/i586/libxslt1-1.1.26-4.1-mdv2011.0.i586.rpm\r\n caf731aa8c93c120de1195064f1e09a1 2011/i586/libxslt-devel-1.1.26-4.1-mdv2011.0.i586.rpm\r\n e3d24bc79e4380b2db4cafbd575d00a6 2011/i586/python-libxslt-1.1.26-4.1-mdv2011.0.i586.rpm\r\n b346aad00c3e796c34282b540693e789 2011/i586/xsltproc-1.1.26-4.1-mdv2011.0.i586.rpm \r\n 651051524a508fdd300ca5d6f78aacb3 2011/SRPMS/libxslt-1.1.26-4.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 22148a94a5dedc72bb16d0a7c092ff8e 2011/x86_64/lib64xslt1-1.1.26-4.1-mdv2011.0.x86_64.rpm\r\n b6f69cc33f8a9b809480cb001203e764 2011/x86_64/lib64xslt-devel-1.1.26-4.1-mdv2011.0.x86_64.rpm\r\n 96dde49301b4652e6c42fe6150280bb6 2011/x86_64/python-libxslt-1.1.26-4.1-mdv2011.0.x86_64.rpm\r\n 036ee20bfa3a947e9009815de034a2d1 2011/x86_64/xsltproc-1.1.26-4.1-mdv2011.0.x86_64.rpm \r\n 651051524a508fdd300ca5d6f78aacb3 2011/SRPMS/libxslt-1.1.26-4.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 15672fbb14335dfec4bf6078cd2d2ab5 mes5/i586/libxslt1-1.1.24-3.1mdvmes5.2.i586.rpm\r\n bed7b920b662906995cbe79e5e3a9a8d mes5/i586/libxslt-devel-1.1.24-3.1mdvmes5.2.i586.rpm\r\n e614109a5f89d407f20aa34222b2d5d5 mes5/i586/libxslt-proc-1.1.24-3.1mdvmes5.2.i586.rpm\r\n 
2992dc23d56830546526acfa3bfc7091 mes5/i586/python-libxslt-1.1.24-3.1mdvmes5.2.i586.rpm \r\n 9eff0e1e3bb3c4574dbd5b4bf54a3cc3 mes5/SRPMS/libxslt-1.1.24-3.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n b366c6605b0166f50f4e803f1e90cb6a mes5/x86_64/lib64xslt1-1.1.24-3.1mdvmes5.2.x86_64.rpm\r\n 7524535fca69c093b805409538f96729 mes5/x86_64/lib64xslt-devel-1.1.24-3.1mdvmes5.2.x86_64.rpm\r\n 81e7c3326ddba43847b2752c205f37ae mes5/x86_64/libxslt-proc-1.1.24-3.1mdvmes5.2.x86_64.rpm\r\n 1f399a6035e97dd9c1ce85becc54c26b mes5/x86_64/python-libxslt-1.1.24-3.1mdvmes5.2.x86_64.rpm \r\n 9eff0e1e3bb3c4574dbd5b4bf54a3cc3 mes5/SRPMS/libxslt-1.1.24-3.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFPTwJEmqjQ0CJFipgRAh82AJ9WxBkcwoqalQxholl2CmA2HUYWQACeMBGk\r\nJ0g50SFPQuU0d1bgJMWsLzE=\r\n=tRUy\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-03-09T00:00:00", "published": "2012-03-09T00:00:00", "id": "SECURITYVULNS:DOC:27719", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27719", "title": "[ MDVSA-2012:028 ] libxslt", "type": "securityvulns", "cvss": 
{"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1202"], "description": "Mozilla Foundation Security Advisory 2011-18\r\n\r\nTitle: XSLT generate-id() function heap address leak\r\nImpact: Low\r\nAnnounced: April 28, 2011\r\nReporter: Chris Evans\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 4.0.1\r\nFirefox 3.6.17\r\nFirefox 3.5.19\r\nSeaMonkey 2.0.14\r\nDescription\r\n\r\nChris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption bug, in order to make an exploit more reliable or work around mitigation features in the browser or operating system.\r\n\r\n https://bugzilla.mozilla.org/show_bug.cgi?id=640339\r\n CVE-2011-1202\r\n", "edition": 1, "modified": "2011-05-01T00:00:00", "published": "2011-05-01T00:00:00", "id": "SECURITYVULNS:DOC:26243", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26243", "title": "Mozilla Foundation Security Advisory 2011-18", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "cvelist": ["CVE-2012-2825", "CVE-2013-4520"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:006\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : libxslt\r\n Date : January 16, 2014\r\n Affected: Enterprise Server 5.0\r\n 
_______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been discovered and corrected in ejabberd:\r\n \r\n xslt.c in libxslt before 1.1.25 allows context-dependent attackers\r\n to cause a denial of service (crash) via a stylesheet that embeds a\r\n DTD, which causes a structure to be accessed as a different type.\r\n NOTE: this issue is due to an incomplete fix for CVE-2012-2825\r\n (CVE-2013-4520).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n 407874c5ea7e392c07649a0e0e632923 mes5/i586/libxslt1-1.1.24-3.5mdvmes5.2.i586.rpm\r\n b63b9d0072a25cad9cad2bd0bbc4c9f2 mes5/i586/libxslt-devel-1.1.24-3.5mdvmes5.2.i586.rpm\r\n 679a497180b32d567486dc5162c6d7ad mes5/i586/libxslt-proc-1.1.24-3.5mdvmes5.2.i586.rpm\r\n 99f52b6ed31f93b65cb4cd77827f42f0 mes5/i586/python-libxslt-1.1.24-3.5mdvmes5.2.i586.rpm \r\n 6dafabb779ced6b46a4ce854a0120459 mes5/SRPMS/libxslt-1.1.24-3.5mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 34d7d6f66394059ab207f165098d0e61 mes5/x86_64/lib64xslt1-1.1.24-3.5mdvmes5.2.x86_64.rpm\r\n 101e3ff312bf499c7aa5e7656060c04b mes5/x86_64/lib64xslt-devel-1.1.24-3.5mdvmes5.2.x86_64.rpm\r\n 9d70abdc2ee7a25177a0e9138e723c7f mes5/x86_64/libxslt-proc-1.1.24-3.5mdvmes5.2.x86_64.rpm\r\n 928ebd9d861a145055786949d71ee0f9 mes5/x86_64/python-libxslt-1.1.24-3.5mdvmes5.2.x86_64.rpm \r\n 6dafabb779ced6b46a4ce854a0120459 mes5/SRPMS/libxslt-1.1.24-3.5mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. 
The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFS1+pgmqjQ0CJFipgRAiQJAJ96V/cZ1Mj0LD7j345jjaZz4FXjhACcC69y\r\n13yLLasjnw+7v6K1d9jgrV0=\r\n=08LZ\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2014-01-19T00:00:00", "published": "2014-01-19T00:00:00", "id": "SECURITYVULNS:DOC:30244", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30244", "title": "[ MDVSA-2014:006 ] libxslt", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "cvelist": ["CVE-2012-2825", "CVE-2012-6139", "CVE-2013-4520"], "description": "Crash on XSLT documents parsing.", "edition": 1, "modified": "2014-01-19T00:00:00", "published": "2014-01-19T00:00:00", "id": "SECURITYVULNS:VULN:12980", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12980", "title": "libxslt DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-12-11T13:33:03", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871", "CVE-2012-2893"], "description": "libxslt is 
a library for transforming XML files into other textual formats\n(including HTML, plain text, and other XML representations of the\nunderlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could use\nthis flaw to create a malicious XSL file that, when used by an application\nlinked against libxslt to perform an XSL transformation, could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker could\nuse these flaws to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation, could\ncause the application to crash. (CVE-2012-2825, CVE-2012-2870,\nCVE-2011-3970)\n\nAn information leak could occur if an application using libxslt processed\nan untrusted XPath expression, or used a malicious XSL file to perform an\nXSL transformation. If combined with other flaws, this leak could possibly\nhelp an attacker bypass intended memory corruption protections.\n(CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. 
All running\napplications linked against libxslt must be restarted for this update to\ntake effect.\n", "modified": "2018-06-06T20:24:08", "published": "2012-09-13T04:00:00", "id": "RHSA-2012:1265", "href": "https://access.redhat.com/errata/RHSA-2012:1265", "type": "redhat", "title": "(RHSA-2012:1265) Important: libxslt security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:02", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3102", "CVE-2011-3970", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2390", "CVE-2012-2807", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871", "CVE-2012-2893", "CVE-2012-3430", "CVE-2012-3445", "CVE-2012-3480", "CVE-2012-3515", "CVE-2012-3524", "CVE-2012-3552", "CVE-2012-4244"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU handled VT100 terminal escape sequences\nwhen emulating certain character devices. A guest user with privileges to\nwrite to a character device that is emulated on the host using a virtual\nconsole back-end could use this flaw to crash the qemu-kvm process on the\nhost or, possibly, escalate their privileges on the host. 
(CVE-2012-3515)\n\nThis flaw did not affect the default use of Red Hat Enterprise\nVirtualization Hypervisor: it is not possible to add a device that uses a\nvirtual console back-end via Red Hat Enterprise Virtualization Manager.\n\nTo specify a virtual console back-end for a device and therefore be\nvulnerable to this issue, the device would have to be created another way,\nfor example, by using a VDSM hook. Note that at this time hooks can only be\nused on Red Hat Enterprise Linux hosts, not Red Hat Enterprise\nVirtualization Hypervisor.\n\nMultiple integer overflow flaws, leading to stack-based buffer overflows,\nwere found in glibc's functions for converting a string to a numeric\nrepresentation (strtod(), strtof(), and strtold()). If an application used\nsuch a function on attacker controlled input, it could cause the\napplication to crash or, potentially, execute arbitrary code.\n(CVE-2012-3480)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2012-3515\nissue.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-4244 (bind issue)\n\nCVE-2012-3524 (dbus issue)\n\nCVE-2012-2313, CVE-2012-2384, CVE-2012-2390, CVE-2012-3430, and\nCVE-2012-3552 (kernel issues)\n\nCVE-2012-3445 (libvirt issue)\n\nCVE-2011-3102 and CVE-2012-2807 (libxml2 issues)\n\nCVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871,\nand CVE-2012-2893 (libxslt issues)\n\nThis updated Red Hat Enterprise Virtualization Hypervisor package also\nfixes the following bug:\n\n* Previously, the Manager listed all installed Hypervisor ISO images as\navailable even when they did not support the VDSM compatibility version\nrequired by the selected host. 
The rhev-hypervisor6 package now maintains a\ntext file for each installed ISO image. The file lists the VDSM\ncompatibility versions supported by the relevant ISO image. The Manager\nuses this information to ensure that only those Hypervisor ISO images that\nare relevant to the selected host are listed. (BZ#856827)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "modified": "2018-06-07T08:59:44", "published": "2012-10-02T04:00:00", "id": "RHSA-2012:1325", "href": "https://access.redhat.com/errata/RHSA-2012:1325", "type": "redhat", "title": "(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:39:11", "description": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.", "edition": 9, "cvss3": {}, "published": "2012-02-09T04:10:00", "title": "CVE-2011-3970", "type": "cve", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3970"], "modified": "2020-09-09T15:15:00", "cpe": ["cpe:/a:xmlsoft:libxslt:1.1.26", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:suse:linux_enterprise_software_development_kit:11", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:suse:linux_enterprise_desktop:11"], "id": "CVE-2011-3970", "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.26:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:20", "description": "The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2012-06-27T10:18:00", "title": "CVE-2012-2825", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2825"], "modified": "2014-01-28T04:45:00", "cpe": ["cpe:/a:google:chrome:20.0.1132.1", "cpe:/a:google:chrome:20.0.1132.29", "cpe:/a:google:chrome:20.0.1132.31", "cpe:/a:google:chrome:20.0.1132.34", "cpe:/a:google:chrome:20.0.1132.4", "cpe:/a:google:chrome:20.0.1132.28", "cpe:/a:google:chrome:20.0.1132.20", 
"cpe:/a:google:chrome:20.0.1132.12", "cpe:/a:google:chrome:20.0.1132.41", "cpe:/a:google:chrome:20.0.1132.30", "cpe:/a:google:chrome:20.0.1132.25", "cpe:/a:google:chrome:20.0.1132.16", "cpe:/a:google:chrome:20.0.1132.21", "cpe:/a:google:chrome:20.0.1132.35", "cpe:/a:google:chrome:20.0.1132.19", "cpe:/a:google:chrome:20.0.1132.38", "cpe:/a:google:chrome:20.0.1132.14", "cpe:/a:google:chrome:20.0.1132.5", "cpe:/a:google:chrome:20.0.1132.3", "cpe:/a:google:chrome:20.0.1132.24", "cpe:/a:google:chrome:20.0.1132.8", "cpe:/a:google:chrome:20.0.1132.10", "cpe:/a:google:chrome:20.0.1132.15", "cpe:/a:google:chrome:20.0.1132.2", "cpe:/a:google:chrome:20.0.1132.22", "cpe:/a:google:chrome:20.0.1132.37", "cpe:/a:google:chrome:20.0.1132.0", "cpe:/a:google:chrome:20.0.1132.32", "cpe:/a:google:chrome:20.0.1132.18", "cpe:/a:google:chrome:20.0.1132.13", "cpe:/a:google:chrome:20.0.1132.23", "cpe:/a:google:chrome:20.0.1132.26", "cpe:/a:google:chrome:20.0.1132.9", "cpe:/a:google:chrome:20.0.1132.42", "cpe:/a:google:chrome:20.0.1132.33", "cpe:/a:google:chrome:20.0.1132.7", "cpe:/a:google:chrome:20.0.1132.17", "cpe:/a:google:chrome:20.0.1132.11", "cpe:/a:google:chrome:20.0.1132.27", "cpe:/a:google:chrome:20.0.1132.39", "cpe:/a:google:chrome:20.0.1132.36", "cpe:/a:google:chrome:20.0.1132.6", "cpe:/a:google:chrome:20.0.1132.40"], "id": "CVE-2012-2825", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2825", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*", 
"cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.42:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:20", "description": "libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might 
allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.", "edition": 5, "cvss3": {}, "published": "2012-08-31T19:55:00", "title": "CVE-2012-2870", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2870"], "modified": "2014-01-28T04:45:00", "cpe": ["cpe:/a:xmlsoft:libxslt:1.1.15", "cpe:/a:xmlsoft:libxslt:1.1.16", "cpe:/a:google:chrome:21.0.1180.72", "cpe:/o:apple:iphone_os:1.1.0", "cpe:/a:xmlsoft:libxslt:1.1.19", "cpe:/a:google:chrome:21.0.1180.71", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/a:xmlsoft:libxslt:1.1.26", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/a:google:chrome:21.0.1180.47", "cpe:/a:google:chrome:21.0.1180.35", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/a:xmlsoft:libxslt:1.1.10", "cpe:/a:google:chrome:21.0.1180.80", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/a:google:chrome:21.0.1180.36", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/a:google:chrome:21.0.1180.83", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/a:xmlsoft:libxslt:1.1.9", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/a:google:chrome:21.0.1180.56", "cpe:/a:google:chrome:21.0.1180.37", 
"cpe:/o:apple:iphone_os:6.0.1", "cpe:/a:google:chrome:21.0.1180.38", "cpe:/a:google:chrome:21.0.1180.78", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/a:xmlsoft:libxslt:1.1.23", "cpe:/a:google:chrome:21.0.1180.85", "cpe:/a:google:chrome:21.0.1180.50", "cpe:/a:xmlsoft:libxslt:1.1.22", "cpe:/a:google:chrome:21.0.1180.84", "cpe:/a:xmlsoft:libxslt:1.1.12", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/a:google:chrome:21.0.1180.69", "cpe:/a:google:chrome:21.0.1180.54", "cpe:/a:xmlsoft:libxslt:1.1.14", "cpe:/a:google:chrome:21.0.1180.62", "cpe:/a:google:chrome:21.0.1180.46", "cpe:/a:xmlsoft:libxslt:1.1.18", "cpe:/a:google:chrome:21.0.1180.61", "cpe:/a:google:chrome:21.0.1180.60", "cpe:/a:google:chrome:21.0.1180.41", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/a:xmlsoft:libxslt:1.1.21", "cpe:/a:google:chrome:21.0.1180.77", "cpe:/o:apple:iphone_os:4.0", "cpe:/a:google:chrome:21.0.1180.74", "cpe:/a:google:chrome:21.0.1180.86", "cpe:/a:google:chrome:21.0.1180.49", "cpe:/a:google:chrome:21.0.1180.63", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/a:xmlsoft:libxslt:1.1.13", "cpe:/a:google:chrome:21.0.1180.34", "cpe:/a:google:chrome:21.0.1180.64", "cpe:/a:google:chrome:21.0.1180.33", "cpe:/a:google:chrome:21.0.1180.75", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/a:google:chrome:21.0.1180.70", "cpe:/o:apple:iphone_os:3.1", "cpe:/a:google:chrome:21.0.1180.52", "cpe:/a:google:chrome:21.0.1180.31", "cpe:/a:google:chrome:21.0.1180.59", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/a:xmlsoft:libxslt:1.1.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/a:google:chrome:21.0.1180.73", "cpe:/a:xmlsoft:libxslt:1.1.20", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/a:google:chrome:21.0.1180.82", "cpe:/a:xmlsoft:libxslt:1.1.11", "cpe:/a:google:chrome:21.0.1180.51", "cpe:/a:google:chrome:21.0.1180.32", 
"cpe:/o:apple:iphone_os:5.1", "cpe:/a:google:chrome:21.0.1180.81", "cpe:/o:apple:iphone_os:2.2", "cpe:/a:google:chrome:21.0.1180.53", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/a:google:chrome:21.0.1180.55", "cpe:/a:xmlsoft:libxslt:1.1.17", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/a:google:chrome:21.0.1180.2", "cpe:/a:google:chrome:21.0.1180.76", "cpe:/a:google:chrome:21.0.1180.57", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/a:google:chrome:21.0.1180.79", "cpe:/a:google:chrome:21.0.1180.88", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/a:google:chrome:21.0.1180.39", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/a:google:chrome:21.0.1180.0", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/a:google:chrome:21.0.1180.87", "cpe:/a:google:chrome:21.0.1180.68", "cpe:/a:google:chrome:21.0.1180.1", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/a:xmlsoft:libxslt:1.1.24", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1", "cpe:/a:google:chrome:21.0.1180.48"], "id": "CVE-2012-2870", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2870", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", 
"cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.23:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", 
"cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.26:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.88:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.24:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*", 
"cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxslt:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:20", "description": "libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.\nPer: http://cwe.mitre.org/data/definitions/704.html\n\n'CWE-704: Incorrect Type Conversion or Cast'", "edition": 5, "cvss3": {}, "published": "2012-08-31T19:55:00", "title": "CVE-2012-2871", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", 
"cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2871"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:google:chrome:21.0.1180.72", "cpe:/o:apple:iphone_os:1.1.0", "cpe:/a:google:chrome:21.0.1180.71", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/a:google:chrome:21.0.1180.47", "cpe:/a:google:chrome:21.0.1180.35", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/a:google:chrome:21.0.1180.80", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/a:google:chrome:21.0.1180.36", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/a:google:chrome:21.0.1180.83", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/a:google:chrome:21.0.1180.56", "cpe:/a:google:chrome:21.0.1180.37", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/a:google:chrome:21.0.1180.38", "cpe:/a:google:chrome:21.0.1180.78", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/a:google:chrome:21.0.1180.85", "cpe:/a:google:chrome:21.0.1180.50", "cpe:/a:google:chrome:21.0.1180.84", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/a:google:chrome:21.0.1180.69", "cpe:/a:google:chrome:21.0.1180.54", "cpe:/a:google:chrome:21.0.1180.62", "cpe:/a:google:chrome:21.0.1180.46", "cpe:/a:google:chrome:21.0.1180.61", "cpe:/a:google:chrome:21.0.1180.60", "cpe:/a:google:chrome:21.0.1180.41", "cpe:/o:apple:iphone_os:4.0.1", 
"cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/a:google:chrome:21.0.1180.77", "cpe:/o:apple:iphone_os:4.0", "cpe:/a:google:chrome:21.0.1180.74", "cpe:/a:google:chrome:21.0.1180.86", "cpe:/a:google:chrome:21.0.1180.49", "cpe:/a:google:chrome:21.0.1180.63", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/a:google:chrome:21.0.1180.34", "cpe:/a:google:chrome:21.0.1180.64", "cpe:/a:google:chrome:21.0.1180.33", "cpe:/a:google:chrome:21.0.1180.75", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/a:google:chrome:21.0.1180.70", "cpe:/o:apple:iphone_os:3.1", "cpe:/a:google:chrome:21.0.1180.52", "cpe:/a:google:chrome:21.0.1180.31", "cpe:/a:google:chrome:21.0.1180.59", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/a:google:chrome:21.0.1180.73", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/a:google:chrome:21.0.1180.82", "cpe:/a:google:chrome:21.0.1180.51", "cpe:/a:google:chrome:21.0.1180.32", "cpe:/o:apple:iphone_os:5.1", "cpe:/a:google:chrome:21.0.1180.81", "cpe:/o:apple:iphone_os:2.2", "cpe:/a:google:chrome:21.0.1180.53", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/a:google:chrome:21.0.1180.55", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/a:google:chrome:21.0.1180.2", "cpe:/a:google:chrome:21.0.1180.76", "cpe:/a:google:chrome:21.0.1180.57", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/a:google:chrome:21.0.1180.79", "cpe:/a:google:chrome:21.0.1180.88", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/a:google:chrome:21.0.1180.39", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/a:google:chrome:21.0.1180.0", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/a:google:chrome:21.0.1180.87", "cpe:/a:google:chrome:21.0.1180.68", "cpe:/a:google:chrome:21.0.1180.1", "cpe:/a:xmlsoft:libxml2:2.9.0", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1", 
"cpe:/a:google:chrome:21.0.1180.48"], "id": "CVE-2012-2871", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.88:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", 
"cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:05", "description": "The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.", "edition": 6, "cvss3": {}, "published": "2011-03-11T02:01:00", "title": "CVE-2011-1202", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": 
"MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1202"], "modified": "2020-06-04T14:16:00", "cpe": ["cpe:/a:xmlsoft:libxslt:1.1.26"], "id": "CVE-2011-1202", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1202", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:xmlsoft:libxslt:1.1.26:*:*:*:*:*:*:*"]}], "android": [{"lastseen": "2020-12-24T13:21:14", "bulletinFamily": "software", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825"], "description": "A series of vulnerabilities in XSL in WebKit that allow denial of service and other effects", "edition": 2, "modified": "2019-07-08T00:00:00", "published": "2011-02-22T00:00:00", "id": "ANDROID:ANDROID_BROWSER_EXPLOIT_WEBKIT", "href": "http://www.androidvulnerabilities.org/vulnerabilities/Android_Browser_Exploit_WebKit.html", "title": "Android Browser Exploit WebKit", "type": "android", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "vmware": [{"lastseen": "2019-11-06T16:05:37", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "description": "a. VMware vSphere client-side authentication memory corruption vulnerability \n \nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. 
To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system. \nTo reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. \n \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "edition": 4, "modified": "2013-05-30T00:00:00", "published": "2013-01-31T00:00:00", "id": "VMSA-2013-0001", "href": "https://www.vmware.com/security/advisories/VMSA-2013-0001.html", "title": "VMware vSphere security updates for the authentication service and third party libraries", "type": "vmware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2018-01-27T10:07:05", "bulletinFamily": "info", "cvelist": ["CVE-2012-2871", "CVE-2012-2825"], "description": "[](<https://2.bp.blogspot.com/-ph9849etA0Y/VbJBYm7PQnI/AAAAAAAAjrQ/Eko3iTWiNrc/s1600/android-hacking-tool.jpg>)\n\nAs digging deeper and deeper into the [huge Hacking Team data dump](<https://thehackernews.com/2015/07/Italian-hacking-team-software.html>), security researchers are finding more and more source code, including an advanced Android Hacking Tool.\n\n \n\n\nYes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to infect millions of Android devices even when users are running latest versions of the android mobile operating system.\n\n \n\n\nTrend Micro researchers [found](<http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/>) that the Italian spyware company was selling **RCSAndroid (Remote Control System Android)**, 
which they say is one of the_ \"most professionally developed and sophisticated\"_ pieces of Android malware a.k.a Android hacking tool they have ever seen.\n\n \n\n\nRCSAndroid is a sophisticated, real-world surveillance and hacking tool that enables even unskilled hackers to deploy one of the world's more advanced surveillance suites for Google's mobile operating system Android.\n\n \n\n\n### List of Creepy Features of Android Hacking Tool\n\n \n\n\nOnce installed on targets' devices, RCSAndroid would have helped government and law enforcement agencies around the world to completely compromise and monitor Android devices remotely. \n\n \n\n\nSome of the features of RCSAndroid include the ability to:\n\n * Capture screenshots using the 'screencap' command and framebuffer direct reading\n * Collect passwords for Wi-Fi networks and online accounts, including WhatsApp, Facebook, Twitter, Google, Skype, and LinkedIn\n * Collect SMS, MMS, and Gmail messages\n * Capture real-time voice calls in any network or application by hooking into the 'mediaserver' system service\n * Capture photos using the front and back cameras\n * Monitor clipboard content\n * Record using the microphone\n * Record location\n * Gather device information\n * Collect contacts and decode messages from IM accounts, including WhatsApp, Telegram, Facebook Messenger, Skype, WeChat, Viber, Line, Hangouts, and BlackBerry Messenger.\n \n\n\nRCSAndroid Android hacking tool had been in the wild since 2012 and has been known to Citizen Lab researchers since last year when the security firm [detailed a Hacking Team backdoor](<https://thehackernews.com/2014/02/hacking-team-sold-spyware-to-21.html>) used against Android users in Saudi Arabia.\n\n \n\n\n### How RCSAndroid hacking tool infects a Target?\n\n \n\n\nRCSAndroid uses two different methods to infect targeted Android devices.\n\n \n\n\n**1\\. 
**[Hacking Team](<https://thehackernews.com/2015/07/flash-zero-day-vulnerability.html>) used text and email messages containing specially crafted URLs that triggered exploits for several vulnerabilities (CVE-2012-2825 and CVE-2012-2871) present in the default browsers of Android 4.0 Ice Cream to 4.3 Jelly Bean, allowing the attacker to gain root privileges, and install the RCSAndroid APK.\n\n \n\n\n**2\\. **The company used backdoor apps such as \"BeNews\" available on the official Google Play Store to take advantage of a local privilege escalation bug to root the device and install the RCSAndroid agent.\n\n \n\n\n### **RCSAndroid has**** 4 'critical components'**:\n\n * **Penetration solutions** \u2013 Methods to get into the device, either via SMS or email or a legitimate app\n * **Low-level native code** \u2013 Advanced exploits and spy tools beyond Android's security framework\n * **High-level Java agent** \u2013 The application's malicious APK\n * **Command-and-control (C&C) servers **\u2013 Servers used to remotely send or receive malicious commands\n \n\n\nGiven that the source code of RCSAndroid is now available to everybody, it will likely put Android users in danger. So, if you own a smartphone running any **_Android version from 4.0 Ice Cream to 4.3 Jelly Bean_**, you need to** 'Get Rid of it Today**.'\n\n> _\"The leaked RCSAndroid code is a commercial weapon now in the wild,\" _security researchers wrote in a blog post. _\"Mobile users are called on to be on top of this news and be on guard for signs of monitoring. 
Some indicators may come in the form of peculiar behavior such as unexpected rebooting, finding unfamiliar apps installed, or instant messaging apps suddenly freezing.\"_\n\nUsers of **[Android 5.0 Lollipop](<https://thehackernews.com/2014/10/7-things-about-android-lollipop-50-you_18.html>)** may also be in danger of being targeted, as some emails sent among Hacking Team executives indicates that \"Hacking Team was in the process of developing exploits for Android 5.0 Lollipop,\" but so far there is no such indication.\n", "modified": "2015-07-24T13:52:43", "published": "2015-07-24T02:52:00", "id": "THN:94494D23203FCCEB0318F9EF729CCE70", "href": "https://thehackernews.com/2015/07/android-hacking-tool.html", "type": "thn", "title": "RCSAndroid \u2014 Advanced Android Hacking Tool Leaked Online", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:25:32", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2870"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2555-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nOctober 05, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxslt\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-2870 CVE-2012-2871 CVE-2012-2893\n\nNicholas Gregoire and Cris Neckar discovered several memory handling\nbugs in libxslt, which could lead to denial of service or the execution\nof arbitrary code if a malformed document is processed.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 1.1.26-6+squeeze2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.1.26-14.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about 
Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-10-05T16:45:23", "published": "2012-10-05T16:45:23", "id": "DEBIAN:DSA-2555-1:F69D3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00199.html", "title": "[SECURITY] [DSA 2555-1] libxslt security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3970"], "edition": 1, "description": "### Background\n\nlibxslt is the XSLT C library developed for the GNOME project. XSLT is an XML language to define transformations for XML. \n\n### Description\n\nAn out of bounds read error has been found in libxslt/pattern.c in libxslt. \n\n### Impact\n\nA remote attacker could entice a user to process an XML file using a specially crafted XSLT stylesheet in an application linked against libxslt, possibly resulting in a Denial of Service condition. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libxslt users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libxslt-1.1.26-r3\"", "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "GLSA-201203-08", "href": "https://security.gentoo.org/glsa/201203-08", "type": "gentoo", "title": "libxslt: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:39", "bulletinFamily": "software", "cvelist": ["CVE-2011-1202"], "edition": 1, "description": "Chris Evans of the Chrome Security Team reported\nthat the XSLT generate-id() function returned a string that revealed\na specific valid address of an object on the memory heap. It is possible\nthat in some cases this address would be valuable information that could\nbe used by an attacker while exploiting a different memory corruption\nbug, in order to make an exploit more reliable or work around mitigation\nfeatures in the browser or operating system.", "modified": "2011-04-28T00:00:00", "published": "2011-04-28T00:00:00", "id": "MFSA2011-18", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-18/", "type": "mozilla", "title": "XSLT generate-id() function heap address leak", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "suse": [{"lastseen": "2016-09-04T12:21:16", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2869", "CVE-2012-2867", "CVE-2012-2871", "CVE-2012-2868", "CVE-2012-2865", "CVE-2012-2866", "CVE-2012-2872", "CVE-2012-2870"], "description": "Chromium was updated to 21.0.1180.88 to fix various bugs\n and security issues. 
Security fixes and rewards:\n\n Please see the Chromium security\n page<<a rel=\"nofollow\" href=\"http://sites.google.com/a/chromium.org/dev/Home/chromiu\">http://sites.google.com/a/chromium.org/dev/Home/chromiu</a>\n m-security>for more detail. Note that the referenced bugs\n may be kept private until a majority of our users are up to\n date with the fix.\n\n\n - [$500]\n [121347<<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=\">https://code.google.com/p/chromium/issues/detail?id=</a>\n 121347>] Medium CVE-2012-2865: Out-of-bounds read in line\n breaking. Credit to miaubiz.\n - [$1000]\n [134897<<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=\">https://code.google.com/p/chromium/issues/detail?id=</a>\n 134897>] High CVE-2012-2866: Bad cast with run-ins. Credit\n to miaubiz.\n - [135485\n <<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=135485\">https://code.google.com/p/chromium/issues/detail?id=135485</a>>\n ] Low CVE-2012-2867: Browser crash with SPDY.\n - [$500]\n [136881<<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=\">https://code.google.com/p/chromium/issues/detail?id=</a>\n 136881>] Medium CVE-2012-2868: Race condition with workers\n and XHR. 
Credit to miaubiz.\n - [137778\n <<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=137778\">https://code.google.com/p/chromium/issues/detail?id=137778</a>>\n ] High CVE-2012-2869: Avoid stale buffer in URL loading.\n Credit to Fermin Serna of the Google Security Team.\n - [138672\n <<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=138672\">https://code.google.com/p/chromium/issues/detail?id=138672</a>>\n ] [ 140368\n <<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=140368\">https://code.google.com/p/chromium/issues/detail?id=140368</a>>\n ] Low CVE-2012-2870: Lower severity memory management issues\n in XPath. Credit to Nicolas Gregoire.\n - [$1000]\n [138673<<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=\">https://code.google.com/p/chromium/issues/detail?id=</a>\n 138673>] High CVE-2012-2871: Bad cast in XSL transforms.\n Credit to Nicolas Gregoire.\n - [$500]\n [142956<<a rel=\"nofollow\" href=\"https://code.google.com/p/chromium/issues/detail?id=\">https://code.google.com/p/chromium/issues/detail?id=</a>\n 142956>] Medium CVE-2012-2872: XSS in SSL interstitial.\n Credit to Emmanuel Bronshtein.\n\n", "edition": 1, "modified": "2012-09-19T11:08:47", "published": "2012-09-19T11:08:47", "id": "OPENSUSE-SU-2012:1215-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html", "title": "chromium: update to 21.0.1180.88 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:35", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2869", "CVE-2012-2867", "CVE-2012-2871", "CVE-2012-2868", "CVE-2012-2865", "CVE-2012-2866", "CVE-2012-2872", "CVE-2012-2870"], "edition": 1, "description": "\nGoogle Chrome Releases reports:\n\n[121347] Medium CVE-2012-2865: Out-of-bounds read in line breaking.\n\t Credit to 
miaubiz.\n[134897] High CVE-2012-2866: Bad cast with run-ins. Credit to\n\t miaubiz.\n[135485] Low CVE-2012-2867: Browser crash with SPDY.\n[136881] Medium CVE-2012-2868: Race condition with workers and XHR.\n\t Credit to miaubiz.\n[137778] High CVE-2012-2869: Avoid stale buffer in URL loading.\n\t Credit to Fermin Serna of the Google Security Team.\n[138672] [140368] Low CVE-2012-2870: Lower severity memory\n\t management issues in XPath. Credit to Nicolas Gregoire.\n[138673] High CVE-2012-2871: Bad cast in XSL transforms. Credit to\n\t Nicolas Gregoire.\n[142956] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to\n\t Emmanuel Bronshtein.\n\n", "modified": "2012-08-30T00:00:00", "published": "2012-08-30T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/ee68923d-f2f5-11e1-8014-00262d5ed8ee.html", "id": "EE68923D-F2F5-11E1-8014-00262D5ED8EE", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}