7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
libxml2 is vulnerable to denial of service. Remote attackers are able to crash the application due to a double free vulnerability related to XPath
handling.
CPE | Name | Operator | Version |
---|---|---|---|
mingw32-libxml2 | eq | 2.7.6__3.el6 | |
mingw32-libxml2 | eq | 2.7.6__2.el6 | |
libxml2 | eq | 2.7.6__1.el6 |
code.google.com/p/chromium/issues/detail?id=63444
googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html
lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
marc.info/?l=bugtraq&m=139447903326211&w=2
rhn.redhat.com/errata/RHSA-2013-0217.html
secunia.com/advisories/40775
secunia.com/advisories/42472
secunia.com/advisories/42721
secunia.com/advisories/42762
support.apple.com/kb/HT4554
support.apple.com/kb/HT4564
support.apple.com/kb/HT4566
support.apple.com/kb/HT4581
www.debian.org/security/2010/dsa-2137
www.mandriva.com/security/advisories?name=MDVSA-2010:260
www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
www.redhat.com/support/errata/RHSA-2011-1749.html
www.vupen.com/english/advisories/2010/3319
www.vupen.com/english/advisories/2010/3336
www.vupen.com/english/advisories/2011/0230
access.redhat.com/security/updates/classification/#important
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916
rhn.redhat.com/errata/RHSA-2013-0217.html