Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1334-1
HistoryJan 19, 2012 - 12:00 a.m.

libxml2 vulnerabilities

2012-01-1900:00:00
ubuntu.com
36

8.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.04 Low

EPSS

Percentile

92.0%

JSON

Releases

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04
  • Ubuntu 8.04

Packages

  • libxml2 - GNOME XML library

Details

It was discovered that libxml2 contained an off by one error. If a user or
application linked against libxml2 were tricked into opening a specially
crafted XML file, an attacker could cause the application to crash or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2011-0216)

It was discovered that libxml2 is vulnerable to double-free conditions
when parsing certain XML documents. This could allow a remote attacker to
cause a denial of service. (CVE-2011-2821, CVE-2011-2834)

It was discovered that libxml2 did not properly detect end of file when
parsing certain XML documents. An attacker could exploit this to crash
applications linked against libxml2. (CVE-2011-3905)

It was discovered that libxml2 did not properly decode entity references
with long names. If a user or application linked against libxml2 were
tricked into opening a specially crafted XML file, an attacker could cause
the application to crash or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2011-3919)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchlibxml2<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchlibxml2-dbg<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchlibxml2-dev<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchlibxml2-udeb<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchlibxml2-utils<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchpython-libxml2<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu8.04noarchpython-libxml2-dbg<Β 2.6.31.dfsg-2ubuntu1.7UNKNOWN
Ubuntu11.10noarchlibxml2<Β 2.7.8.dfsg-4ubuntu0.1UNKNOWN
Ubuntu11.10noarchlibxml2-dbg<Β 2.7.8.dfsg-4ubuntu0.1UNKNOWN
Ubuntu11.10noarchlibxml2-dev<Β 2.7.8.dfsg-4ubuntu0.1UNKNOWN
Rows per page:
1-10 of 351

Related

nessus 59
openvas 68
debian 1
osv 1
redhat 7
oraclelinux 6
centos 4
securityvulns 7
fedora 2
vmware 4
amazon 1
gentoo 2
suse 4
veracode 5
cve 5
freebsd 2
prion 5
debiancve 5
ubuntucve 5
seebug 2
threatpost 2
chrome 2
nessus
nessus
Debian DSA-2394-1 : libxml2 - several vulnerabilities
2012-01-27 00:00:00
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libxml2 vulnerabilities (USN-1334-1)
2012-01-20 00:00:00
Oracle Linux 4 : libxml2 (ELSA-2012-0016)
2013-07-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2394-1)
2012-02-11 00:00:00
Debian Security Advisory DSA 2394-1 (libxml2)
2012-02-11 00:00:00
Ubuntu Update for libxml2 USN-1334-1
2012-01-20 00:00:00
debian
debian
[SECURITY] [DSA 2394-1] libxml2 security update
2012-01-26 22:46:37
osv
osv
libxml2 - several
2012-01-27 00:00:00
redhat
redhat
(RHSA-2012:0016) Important: libxml2 security update
2012-01-11 00:00:00
(RHSA-2012:0017) Important: libxml2 security update
2012-01-11 00:00:00
(RHSA-2012:0018) Important: libxml2 security update
2012-01-11 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2012-01-11 00:00:00
libxml2 security update
2012-01-11 00:00:00
libxml2 security update
2012-01-11 00:00:00
centos
centos
libxml2 security update
2012-01-11 18:47:59
libxml2 security update
2012-01-11 19:19:14
libxml2 security update
2012-01-11 20:05:02
securityvulns
securityvulns
libxml library security vulnerabilities
2011-12-19 00:00:00
libxml2 memory corruption
2011-10-16 00:00:00
Apple TV multiple security vulnerabilities
2012-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: libxml2-2.7.8-9.fc17
2012-09-26 08:56:06
[SECURITY] Fedora 16 Update: libxml2-2.7.8-8.fc16
2012-09-27 04:35:19
vmware
vmware
VMware ESXi update to third party library
2012-07-12 00:00:00
VMware ESXi update to third party library
2012-07-12 00:00:00
VMware ESX updates to ESX Service Console
2012-04-26 00:00:00
amazon
amazon
Important: libxml2
2012-01-19 20:08:00
gentoo
gentoo
libxml2: User-assisted execution of arbitrary code
2012-02-29 00:00:00
libxml2: Multiple vulnerabilities
2011-10-26 00:00:00
suse
suse
libxml2: fixing heap-based buffer overflow (CVE-2011-3919) (important)
2012-01-19 20:08:14
Security update for libxml2 (important)
2012-01-24 18:08:16
Security update for libxml2 (important)
2013-11-04 17:04:12
veracode
veracode
Heap-Based Buffer Overflow
2019-05-02 04:52:19
Denial Of Service (DoS)
2019-05-02 04:52:19
Out-Of-Bounds Read
2019-05-02 04:52:19
cve
cve
CVE-2011-3919
2012-01-07 11:55:00
CVE-2011-3905
2011-12-13 21:55:00
CVE-2011-2821
2011-08-29 15:55:00
freebsd
freebsd
libxml2 -- heap buffer overflow
2012-01-05 00:00:00
chromium -- multiple vulnerabilities
2012-01-05 00:00:00
prion
prion
Out-of-bounds
2011-12-13 21:55:00
Heap overflow
2012-01-07 11:55:00
Double free
2011-08-29 15:55:00
debiancve
debiancve
CVE-2011-3919
2012-01-07 11:55:00
CVE-2011-2821
2011-08-29 15:55:00
CVE-2011-3905
2011-12-13 21:55:00
ubuntucve
ubuntucve
CVE-2011-2821
2011-08-29 00:00:00
CVE-2011-3919
2012-01-07 00:00:00
CVE-2011-3905
2011-12-13 00:00:00
seebug
seebug
Apple Safari &quot;libxml&quot;θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-08 00:00:00
Apple Safari 'libxml'θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-07-25 00:00:00
threatpost
threatpost
Google Fixes Three High-Priority Bugs in Chrome
2012-01-06 12:41:22
Google Fixes 11 Flaws in Chrome 13.0.782.215
2011-08-23 11:16:36
chrome
chrome
Stable Channel Update
2012-01-05 00:00:00
Stable Channel Update
2011-08-22 00:00:00

8.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.04 Low

EPSS

Percentile

92.0%

JSON
Related for USN-1334-1
nessus59openvas68debian1osv1redhat7oraclelinux6centos4securityvulns7fedora2vmware4amazon1gentoo2suse4veracode5cve5freebsd2prion5debiancve5ubuntucve5seebug2threatpost2chrome2