Lucene search
HistoryNov 28, 2012 - 1:55 a.m.
CVE-2012-5134
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.044 Low
EPSS
Percentile
92.4%
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
Affected configurations
Node
googlechromeRangeβ€23.0.1271.89
ORgooglechromeMatch23.0.1271.0
ORgooglechromeMatch23.0.1271.1
ORgooglechromeMatch23.0.1271.2
ORgooglechromeMatch23.0.1271.3
ORgooglechromeMatch23.0.1271.4
ORgooglechromeMatch23.0.1271.5
ORgooglechromeMatch23.0.1271.6
ORgooglechromeMatch23.0.1271.7
ORgooglechromeMatch23.0.1271.8
ORgooglechromeMatch23.0.1271.10
ORgooglechromeMatch23.0.1271.11
ORgooglechromeMatch23.0.1271.12
ORgooglechromeMatch23.0.1271.13
ORgooglechromeMatch23.0.1271.14
ORgooglechromeMatch23.0.1271.15
ORgooglechromeMatch23.0.1271.16
ORgooglechromeMatch23.0.1271.17
ORgooglechromeMatch23.0.1271.18
ORgooglechromeMatch23.0.1271.19
ORgooglechromeMatch23.0.1271.20
ORgooglechromeMatch23.0.1271.21
ORgooglechromeMatch23.0.1271.22
ORgooglechromeMatch23.0.1271.23
ORgooglechromeMatch23.0.1271.24
ORgooglechromeMatch23.0.1271.26
ORgooglechromeMatch23.0.1271.30
ORgooglechromeMatch23.0.1271.31
ORgooglechromeMatch23.0.1271.32
ORgooglechromeMatch23.0.1271.33
ORgooglechromeMatch23.0.1271.35
ORgooglechromeMatch23.0.1271.36
ORgooglechromeMatch23.0.1271.37
ORgooglechromeMatch23.0.1271.38
ORgooglechromeMatch23.0.1271.39
ORgooglechromeMatch23.0.1271.40
ORgooglechromeMatch23.0.1271.41
ORgooglechromeMatch23.0.1271.44
ORgooglechromeMatch23.0.1271.45
ORgooglechromeMatch23.0.1271.46
ORgooglechromeMatch23.0.1271.49
ORgooglechromeMatch23.0.1271.50
ORgooglechromeMatch23.0.1271.51
ORgooglechromeMatch23.0.1271.52
ORgooglechromeMatch23.0.1271.53
ORgooglechromeMatch23.0.1271.54
ORgooglechromeMatch23.0.1271.55
ORgooglechromeMatch23.0.1271.56
ORgooglechromeMatch23.0.1271.57
ORgooglechromeMatch23.0.1271.58
ORgooglechromeMatch23.0.1271.60
ORgooglechromeMatch23.0.1271.61
ORgooglechromeMatch23.0.1271.62
ORgooglechromeMatch23.0.1271.64
ORgooglechromeMatch23.0.1271.83
ORgooglechromeMatch23.0.1271.84
ORgooglechromeMatch23.0.1271.85
ORgooglechromeMatch23.0.1271.86
ORgooglechromeMatch23.0.1271.87
ORgooglechromeMatch23.0.1271.88
ORxmlsoftlibxml2Rangeβ€2.9.0
ORxmlsoftlibxml2Match1.7.0
ORxmlsoftlibxml2Match1.7.1
ORxmlsoftlibxml2Match1.7.2
ORxmlsoftlibxml2Match1.7.3
ORxmlsoftlibxml2Match1.7.4
ORxmlsoftlibxml2Match1.8.0
ORxmlsoftlibxml2Match1.8.1
ORxmlsoftlibxml2Match1.8.2
ORxmlsoftlibxml2Match1.8.3
ORxmlsoftlibxml2Match1.8.4
ORxmlsoftlibxml2Match1.8.5
ORxmlsoftlibxml2Match1.8.6
ORxmlsoftlibxml2Match1.8.7
ORxmlsoftlibxml2Match1.8.9
ORxmlsoftlibxml2Match1.8.10
ORxmlsoftlibxml2Match1.8.13
ORxmlsoftlibxml2Match1.8.14
ORxmlsoftlibxml2Match1.8.16
ORxmlsoftlibxml2Match2.0.0
ORxmlsoftlibxml2Match2.1.0
ORxmlsoftlibxml2Match2.1.1
ORxmlsoftlibxml2Match2.2.0
ORxmlsoftlibxml2Match2.2.0beta
ORxmlsoftlibxml2Match2.2.1
ORxmlsoftlibxml2Match2.2.2
ORxmlsoftlibxml2Match2.2.3
ORxmlsoftlibxml2Match2.2.4
ORxmlsoftlibxml2Match2.2.5
ORxmlsoftlibxml2Match2.2.6
ORxmlsoftlibxml2Match2.2.7
ORxmlsoftlibxml2Match2.2.8
ORxmlsoftlibxml2Match2.2.9
ORxmlsoftlibxml2Match2.2.10
ORxmlsoftlibxml2Match2.2.11
ORxmlsoftlibxml2Match2.3.0
ORxmlsoftlibxml2Match2.3.1
ORxmlsoftlibxml2Match2.3.2
ORxmlsoftlibxml2Match2.3.3
ORxmlsoftlibxml2Match2.3.4
ORxmlsoftlibxml2Match2.3.5
ORxmlsoftlibxml2Match2.3.6
ORxmlsoftlibxml2Match2.3.7
ORxmlsoftlibxml2Match2.3.8
ORxmlsoftlibxml2Match2.3.9
ORxmlsoftlibxml2Match2.3.10
ORxmlsoftlibxml2Match2.3.11
ORxmlsoftlibxml2Match2.3.12
ORxmlsoftlibxml2Match2.3.13
ORxmlsoftlibxml2Match2.3.14
ORxmlsoftlibxml2Match2.4.1
ORxmlsoftlibxml2Match2.4.2
ORxmlsoftlibxml2Match2.4.3
ORxmlsoftlibxml2Match2.4.4
ORxmlsoftlibxml2Match2.4.5
ORxmlsoftlibxml2Match2.4.6
ORxmlsoftlibxml2Match2.4.7
ORxmlsoftlibxml2Match2.4.8
ORxmlsoftlibxml2Match2.4.9
ORxmlsoftlibxml2Match2.4.10
ORxmlsoftlibxml2Match2.4.11
ORxmlsoftlibxml2Match2.4.12
ORxmlsoftlibxml2Match2.4.13
ORxmlsoftlibxml2Match2.4.14
ORxmlsoftlibxml2Match2.4.15
ORxmlsoftlibxml2Match2.4.16
ORxmlsoftlibxml2Match2.4.17
ORxmlsoftlibxml2Match2.4.18
ORxmlsoftlibxml2Match2.4.19
ORxmlsoftlibxml2Match2.4.20
ORxmlsoftlibxml2Match2.4.21
ORxmlsoftlibxml2Match2.4.22
ORxmlsoftlibxml2Match2.4.23
ORxmlsoftlibxml2Match2.4.24
ORxmlsoftlibxml2Match2.4.25
ORxmlsoftlibxml2Match2.4.26
ORxmlsoftlibxml2Match2.4.27
ORxmlsoftlibxml2Match2.4.28
ORxmlsoftlibxml2Match2.4.29
ORxmlsoftlibxml2Match2.4.30
ORxmlsoftlibxml2Match2.5.0
ORxmlsoftlibxml2Match2.5.4
ORxmlsoftlibxml2Match2.5.7
ORxmlsoftlibxml2Match2.5.8
ORxmlsoftlibxml2Match2.5.10
ORxmlsoftlibxml2Match2.5.11
ORxmlsoftlibxml2Match2.6.0
ORxmlsoftlibxml2Match2.6.1
ORxmlsoftlibxml2Match2.6.2
ORxmlsoftlibxml2Match2.6.3
ORxmlsoftlibxml2Match2.6.4
ORxmlsoftlibxml2Match2.6.5
ORxmlsoftlibxml2Match2.6.6
ORxmlsoftlibxml2Match2.6.7
ORxmlsoftlibxml2Match2.6.8
ORxmlsoftlibxml2Match2.6.9
ORxmlsoftlibxml2Match2.6.11
ORxmlsoftlibxml2Match2.6.12
ORxmlsoftlibxml2Match2.6.13
ORxmlsoftlibxml2Match2.6.14
ORxmlsoftlibxml2Match2.6.16
ORxmlsoftlibxml2Match2.6.17
ORxmlsoftlibxml2Match2.6.18
ORxmlsoftlibxml2Match2.6.20
ORxmlsoftlibxml2Match2.6.22
ORxmlsoftlibxml2Match2.6.26
ORxmlsoftlibxml2Match2.6.27
ORxmlsoftlibxml2Match2.6.30
ORxmlsoftlibxml2Match2.6.32
ORxmlsoftlibxml2Match2.7.0
ORxmlsoftlibxml2Match2.7.1
ORxmlsoftlibxml2Match2.7.2
ORxmlsoftlibxml2Match2.7.3
ORxmlsoftlibxml2Match2.7.4
ORxmlsoftlibxml2Match2.7.5
ORxmlsoftlibxml2Match2.7.6
ORxmlsoftlibxml2Match2.7.7
ORxmlsoftlibxml2Match2.9.0rc1
Node
appleiphone_osRangeβ€6.1.4
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.1
ORappleiphone_osMatch5.1.1
ORappleiphone_osMatch6.0
ORappleiphone_osMatch6.0.1
ORappleiphone_osMatch6.0.2
ORappleiphone_osMatch6.1
ORappleiphone_osMatch6.1.2
ORappleiphone_osMatch6.1.3
References
git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d
googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html
lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html
lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
rhn.redhat.com/errata/RHSA-2012-1512.html
rhn.redhat.com/errata/RHSA-2013-0217.html
secunia.com/advisories/51448
secunia.com/advisories/54886
secunia.com/advisories/55568
support.apple.com/kb/HT5934
support.apple.com/kb/HT6001
www.debian.org/security/2012/dsa-2580
www.mandriva.com/security/advisories?name=MDVSA-2013:056
www.securityfocus.com/bid/56684
www.securitytracker.com/id?1027815
www.ubuntu.com/usn/USN-1656-1
bugzilla.redhat.com/show_bug.cgi?id=880466
code.google.com/p/chromium/issues/detail?id=158249
exchange.xforce.ibmcloud.com/vulnerabilities/80294
Related
vmware
vmware
VMware ESXi and ESX security update for third party library
2013-03-28 00:00:00
VMware ESXi and ESX security update for third party library
2013-03-28 00:00:00
suse
suse
Security update for libxml2 (important)
2012-12-12 17:09:09
libxml2: fixed buffer overflow during decoding entities (important)
2013-01-23 14:07:38
libxml2: fixed buffer overflow during decoding entities (important)
2012-12-17 12:08:33
centos
centos
libxml2 security update
2012-11-29 20:24:03
mingw32 security update
2013-02-01 00:53:30
openvas
openvas
Ubuntu: Security Advisory (USN-1656-1)
2012-12-06 00:00:00
Debian Security Advisory DSA 2580-1 (libxml2)
2012-12-04 00:00:00
RedHat Update for libxml2 RHSA-2012:1512-01
2012-12-04 00:00:00
prion
prion
Heap overflow
2012-11-28 01:55:00
debian
debian
[SECURITY] [DSA 2580-1] libxml security update
2012-12-02 20:54:41
ubuntu
ubuntu
Libxml2 vulnerability
2012-12-06 00:00:00
nessus
nessus
SuSE 11.2 Security Update : libxml2 (SAT Patch Number 7140)
2013-01-25 00:00:00
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : libxml2 vulnerability (USN-1656-1)
2012-12-06 00:00:00
CentOS 5 / 6 : libxml2 (CESA-2012:1512)
2012-11-30 00:00:00
securityvulns
securityvulns
libxml2 buffer overflow
2012-12-06 00:00:00
APPLE-SA-2014-01-22-1 iTunes 11.1.4
2014-01-29 00:00:00
Apple iTunes multiple security vulnerabilities
2014-01-29 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:50:59
slackware
slackware
[slackware-security] libxml2
2012-12-07 03:51:19
osv
osv
libxml2 - buffer overflow
2012-12-02 00:00:00
cve
cve
CVE-2012-5134
2012-11-28 01:55:01
oraclelinux
oraclelinux
libxml2 security update
2012-11-29 00:00:00
libxml2 security update
2013-02-28 00:00:00
mingw32-libxml2 security update
2013-01-31 00:00:00
redhat
redhat
(RHSA-2012:1512) Important: libxml2 security update
2012-11-29 00:00:00
(RHSA-2013:0217) Important: mingw32-libxml2 security update
2013-01-31 00:00:00
amazon
amazon
Important: libxml2
2012-12-06 21:22:00
ubuntucve
ubuntucve
CVE-2012-5134
2012-11-27 00:00:00
debiancve
debiancve
CVE-2012-5134
2012-11-28 01:55:01
cvelist
cvelist
CVE-2012-5134
2012-11-28 01:00:00
threatpost
threatpost
Apple's iOS 7 Update Fixes 80 Security Bugs
2013-09-19 12:53:59
Google Repairs High-Risk Flaw in Chrome
2012-11-27 17:07:25
freebsd
freebsd
chromium -- multiple vulnerabilities
2012-11-26 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2013-11-10 00:00:00
seebug
seebug
Google Chrome 23.0.1271.91δΉεηζ¬ε€δΈͺθΏη¨ζΌζ΄
2012-11-27 00:00:00
chrome
chrome
Stable Channel Update
2012-11-26 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.044 Low
EPSS
Percentile
92.4%
Related for NVD:CVE-2012-5134