3 matches found
CVE-2012-5134
CVE-2012-5134 is a heap-based buffer underflow in libxml2’s xmlParseAttValueComplex (parser.c) present in libxml2 2.9.0 and earlier, used by Google Chrome up to 23.0.1271.91 and other products. The flaw allows a remote attacker to cause a crash or possibly execute arbitrary code via crafted XML e...
CVE-2012-2871
CVE-2012-2871 describes a memory handling issue in libxml2 (used in Chrome prior to 21.0.1180.89) where a bad cast during XSLT processing can lead to denial of service or potentially other impacts via a crafted document (root cause related to _xmlNs in include/libxml/tree.h). Connected advisories...
CVE-2012-0841
CVE-2012-0841 affects libxml2 up to version 2.8.0, where hash computation can be induced to collide, enabling context‑dependent attackers to trigger a denial of service via crafted XML data. The issue is repeatedly cited in multiple advisories and Nessus plugins, linking the vulnerability to the ...