CVSS2: 4.3 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
libxml2 is vulnerable to denial of service. An attacker is able to crash the application via a malicious XML document containing malformed XPath expressions.
CPE

Name | Operator | Version
---|---|---
mingw32-libxml2 | eq | 2.7.6__3.el6
mingw32-libxml2 | eq | 2.7.6__2.el6
libxml2.so | le | 2.7.6
libxml2 | eq | 2.6.26__2.1.2.8.el5_5.1
libxml2 | eq | 2.7.6__1.el6
blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
code.google.com/p/chromium/issues/detail?id=58731
googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
mail.gnome.org/archives/xml/2010-November/msg00015.html
marc.info/?l=bugtraq&m=130331363227777&w=2
marc.info/?l=bugtraq&m=139447903326211&w=2
rhn.redhat.com/errata/RHSA-2013-0217.html
secunia.com/advisories/40775
secunia.com/advisories/42109
secunia.com/advisories/42175
secunia.com/advisories/42314
secunia.com/advisories/42429
support.apple.com/kb/HT4456
support.apple.com/kb/HT4554
support.apple.com/kb/HT4566
support.apple.com/kb/HT4581
www.debian.org/security/2010/dsa-2128
www.mandriva.com/security/advisories?name=MDVSA-2010:243
www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
www.redhat.com/support/errata/RHSA-2011-1749.html
www.securityfocus.com/bid/44779
www.ubuntu.com/usn/USN-1016-1
www.vupen.com/english/advisories/2010/3046
www.vupen.com/english/advisories/2010/3076
www.vupen.com/english/advisories/2010/3100
www.vupen.com/english/advisories/2011/0230
access.redhat.com/security/updates/classification/#important
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148