fkie_cve-2012-2870
Vulnerability from fkie_nvd
Published
2012-08-31 19:55
Modified
2024-11-21 01:39
Severity ?
Summary
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "D746FCB4-9ACA-425D-929F-F46EDDEC1B56", versionEndIncluding: "6.1.4", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E28FB0CB-D636-4F85-B5F7-70EC30053925", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "27319629-171F-42AA-A95F-2D71F78097D0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "297F9438-0F04-4128-94A8-A504B600929E", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "F8618621-F871-4531-9F6C-7D60F2BF8B75", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "824DED2D-FA1D-46FC-8252-6E25546DAE29", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", matchCriteriaId: "1641DDFA-3BF1-467F-8EC3-98114FF9F07B", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "DF40CDA4-4716-4815-9ED0-093FE266734C", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3D06D54D-97FD-49FD-B251-CC86FBA68CA6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", matchCriteriaId: "25A5D868-0016-44AB-80E6-E5DF91F15455", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", matchCriteriaId: "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", matchCriteriaId: "863383DA-0BC6-4A96-835A-A96128EC0202", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", matchCriteriaId: "51D3BE2B-5A01-4AD4-A436-0056B50A535D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", matchCriteriaId: "9A20F171-79FE-43B9-8309-B18341639FA1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", matchCriteriaId: "126EF22D-29BC-4366-97BC-B261311E6251", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", matchCriteriaId: "3B3DD7B3-DA4C-4B0A-A94E-6BF66B358B7D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "3A939B80-0AD0-48AF-81A7-370716F56639", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D28528CE-4943-4F82-80C0-A629DA3E6702", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", matchCriteriaId: "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BB34ECBE-33E8-40E1-936B-7800D2525AE6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "107C59BE-D8CF-4A17-8DFB-BED2AB12388D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*", matchCriteriaId: "36C86BB9-0328-4E34-BC2B-47B3471EC262", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A54A8681-2D8A-4B0B-A947-82F3CE1FB03C", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*", matchCriteriaId: "E0070D83-2E27-4DA8-8D10-A6A697216F36", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*", matchCriteriaId: "8C9ACA63-4528-4090-B1EA-1FE57A6B0555", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", matchCriteriaId: "7252935C-E421-4339-B61F-0299E28888DA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "9DD342BF-096A-4082-B700-19629F2BDE87", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "93141AB6-26F2-4C6D-95B3-D383EABB4034", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "4D5C61FF-7CD3-410A-94F2-5DE701466B1F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "28A01C87-B02A-4239-8340-B396D0E6B21C", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*", matchCriteriaId: "06980521-B0EA-434D-89AD-A951EAF1D23F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A3AE6A93-3977-4B32-B2F6-55C94387DDE3", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*", matchCriteriaId: "E78F1F2C-2BFF-4D55-A754-102D6C42081B", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "A0A4AF71-8E71-432A-B908-361DAF99F4B9", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*", matchCriteriaId: "DEE0068D-C699-4646-9658-610409925A79", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "87C215DD-BC98-4283-BF13-69556EF7CB78", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "C1C3966E-C136-47A9-B5B4-70613756ED27", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*", matchCriteriaId: "22AD2A1F-A637-47DE-A69F-DAE4ABDFA4BD", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*", matchCriteriaId: "F6D398B8-821B-4DE9-ADF1-4983051F964C", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*", matchCriteriaId: "E0CCE5F2-4D32-404B-BAAC-E64F11BD41FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "9E9EB400-8080-4519-ADE0-DF99113483AE", versionEndIncluding: "21.0.1180.88", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", matchCriteriaId: "767C0C1A-EAC4-4F98-9E80-CFDA5069F118", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", matchCriteriaId: "0E2554F0-0DEB-41A0-A595-6A524F9EC001", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", matchCriteriaId: "4F542051-CEED-45A4-BB83-937069D07CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", matchCriteriaId: "AC926FFC-EF03-46F0-B5B5-02B34571D6C4", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", matchCriteriaId: "24849FF0-F873-4365-9B82-F16AD7F4A291", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", matchCriteriaId: "8E784307-0538-4524-94EA-A88B1ABD0E2E", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", matchCriteriaId: "5655EFE7-69CB-469F-A00A-D6F3F7F492E4", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", matchCriteriaId: "D3B22D68-9E32-4566-8ED1-F1CE87903F98", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", matchCriteriaId: "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", matchCriteriaId: "8BD5341A-E508-4E5B-B03F-677D97E5A464", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", matchCriteriaId: "E096479F-4C69-445A-8C2B-7201896F401B", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", matchCriteriaId: "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", matchCriteriaId: "41371794-2083-4188-90BE-506419DC0B82", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", matchCriteriaId: "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", matchCriteriaId: "981570FA-6B44-49A8-9C9B-7D5127E90F6C", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", matchCriteriaId: "36D2B7FE-2B20-47CA-9B3C-B726E21659E8", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", matchCriteriaId: "858BDFA4-E9CB-4537-ABA7-4283318CA501", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", matchCriteriaId: "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", matchCriteriaId: "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", matchCriteriaId: "B578A2BC-9360-428C-9AFE-DC9DB9E0A621", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", matchCriteriaId: "9DCB6048-5A18-4FD6-A21B-95B595CF943C", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", matchCriteriaId: "28882288-859D-425C-8BA3-F46D058B61D6", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", matchCriteriaId: "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*", matchCriteriaId: "A0692DD3-562D-4BE7-BB61-1549EFFF9CD5", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*", matchCriteriaId: "5FF70696-70A8-4DFA-A0C3-172A103F3F24", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*", matchCriteriaId: "25241621-CBB0-4E39-B901-2F70EE476722", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*", matchCriteriaId: "1355883C-C184-46C1-9CF7-AA59B0FC61B7", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*", matchCriteriaId: "DB090D01-9F7E-49CF-8356-80CC03999121", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*", matchCriteriaId: "A37AB354-581C-42CA-B8E9-9AEAC0B326AF", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*", matchCriteriaId: "885EFC87-061C-4EEF-880A-68D7D53BACDA", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*", matchCriteriaId: "D58B0932-1DF3-4308-8D82-B20564E974F8", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*", matchCriteriaId: "A8FAD1E6-788F-4295-BFD2-F3CE99B14934", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*", matchCriteriaId: "DF8AB897-7A45-4360-AFA7-EB7C8690ADD9", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*", matchCriteriaId: "9EF0FA83-C464-4270-A4E8-1441DF4ECFAD", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*", matchCriteriaId: "86B70015-F651-467C-A846-5C97772D91EA", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*", matchCriteriaId: "C07A549D-48EF-434C-ABBA-0FF7078060D7", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*", matchCriteriaId: "B573E86E-3512-4DB9-911E-1B27A3BB69DC", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*", matchCriteriaId: "D2BDB997-D125-4B5D-9680-9AED7D89FD0A", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*", matchCriteriaId: "0BAF7E49-6795-4848-AADD-40D8B2D5F5BA", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*", matchCriteriaId: "B7B244B3-86E0-4E1D-96A5-E0B9B50F2ADB", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*", matchCriteriaId: "A0FF1C67-9CB7-4C78-9F3C-C88AB5A6284D", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*", matchCriteriaId: "3371BBF5-0B82-4005-96AE-9B604A2FA70B", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*", matchCriteriaId: "5916EA0D-D763-4650-9AC4-A38C6E8EB052", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*", matchCriteriaId: "443C5B0F-8FC6-40E3-AA95-BB8884176002", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*", matchCriteriaId: "7CEE1054-F275-4C04-9F1E-994AD053827A", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*", matchCriteriaId: "FA50A727-8EBA-4E97-A003-FAA2258D9128", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*", matchCriteriaId: "DEFF35D2-661A-4FCC-AB31-D354D1F204F9", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*", matchCriteriaId: "150E8749-5A22-4834-A165-1F9FAFE3F91D", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*", matchCriteriaId: "DF534291-1F7A-486D-9574-CA9E734DBC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*", matchCriteriaId: "A9ACB74A-3F0C-44FE-BC9D-4993AD58064F", vulnerable: true, }, { criteria: "cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*", matchCriteriaId: "D1BF669C-3DAD-46B6-B2B9-A226CAC7B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*", matchCriteriaId: "9251F19D-BEA4-4ED4-9A4B-EA89E795C6D0", versionEndIncluding: "1.1.26", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "CBFCEA36-7573-491B-8438-4E3FDF8E97ED", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.9:*:*:*:*:*:*:*", matchCriteriaId: "EF38997D-634C-423C-BD82-44E74A99D8DD", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.10:*:*:*:*:*:*:*", matchCriteriaId: "A9B4CF5A-150E-4814-BA15-EF9FB30AD0CC", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.11:*:*:*:*:*:*:*", matchCriteriaId: "9D4401FF-84D8-4AD5-BAED-978E31E5DADB", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.12:*:*:*:*:*:*:*", matchCriteriaId: "CC004874-3C5D-4932-AD5B-BE7156D7D13E", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.13:*:*:*:*:*:*:*", matchCriteriaId: "269892E0-1ABA-4D0F-8266-A4DA8A575967", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.14:*:*:*:*:*:*:*", matchCriteriaId: "4597D362-AD62-4D58-BC7F-CCED44488466", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.15:*:*:*:*:*:*:*", matchCriteriaId: "0D885D06-D6E5-432C-9923-AE2CE73F7654", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.16:*:*:*:*:*:*:*", matchCriteriaId: "6F5003EF-82E2-49F9-9F74-CB92FE98E2E3", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.17:*:*:*:*:*:*:*", matchCriteriaId: "5C0D6095-2A7B-4328-ADA0-283E8F79AFDD", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.18:*:*:*:*:*:*:*", matchCriteriaId: "91C70E5E-A987-4BF3-9300-E4A3F2B0B853", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.19:*:*:*:*:*:*:*", matchCriteriaId: "C5EFA6E9-593B-484A-A8FB-A22BAEE208B9", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.20:*:*:*:*:*:*:*", matchCriteriaId: "6C55B5B1-76F1-480B-B7F9-EF4AFE79E3F4", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.21:*:*:*:*:*:*:*", matchCriteriaId: "58E904DA-889E-44B9-9AF6-EC753FB316BC", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.22:*:*:*:*:*:*:*", matchCriteriaId: "A3BC6F57-1DDD-4EA6-83F9-2672B11DF7B2", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.23:*:*:*:*:*:*:*", matchCriteriaId: "69A51C1E-21C9-4FA4-8340-345B5E1F1B70", vulnerable: true, }, { criteria: "cpe:2.3:a:xmlsoft:libxslt:1.1.24:*:*:*:*:*:*:*", matchCriteriaId: "C9D7C38F-EF88-4531-803D-BA911978A176", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.", }, { lang: "es", value: "libxslt v1.1.26 y anteriores, tal como se utiliza en Google Chrome anterior a v21.0.1180.89, no gestiona adecuadamente la memoria, lo que podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de una elaborada expresión XSLT que no esté debidamente identificado durante XPath navegación, en relación con (1) la función xsltCompileLocationPathPattern en libxslt / pattern.c y (2) la función xsltGenerateIdFunction en libxslt / functions.c.", }, ], id: "CVE-2012-2870", lastModified: "2024-11-21T01:39:48.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-08-31T19:55:01.077", references: [ { source: "chrome-cve-admin@google.com", url: "http://code.google.com/p/chromium/issues/detail?id=138672", }, { source: "chrome-cve-admin@google.com", url: "http://code.google.com/p/chromium/issues/detail?id=140368", }, { source: "chrome-cve-admin@google.com", url: "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html", }, { source: "chrome-cve-admin@google.com", url: "http://secunia.com/advisories/50838", }, { source: "chrome-cve-admin@google.com", url: "http://secunia.com/advisories/54886", }, { source: "chrome-cve-admin@google.com", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998", }, { source: "chrome-cve-admin@google.com", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log", }, { source: "chrome-cve-admin@google.com", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123", }, { source: "chrome-cve-admin@google.com", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log", }, { source: "chrome-cve-admin@google.com", url: "http://support.apple.com/kb/HT5934", }, { source: "chrome-cve-admin@google.com", url: "http://support.apple.com/kb/HT6001", }, { source: "chrome-cve-admin@google.com", url: "http://www.debian.org/security/2012/dsa-2555", }, { source: "chrome-cve-admin@google.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164", }, { source: "chrome-cve-admin@google.com", url: "https://chromiumcodereview.appspot.com/10823168", }, { source: "chrome-cve-admin@google.com", url: "https://chromiumcodereview.appspot.com/10830177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://code.google.com/p/chromium/issues/detail?id=138672", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://code.google.com/p/chromium/issues/detail?id=140368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/50838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/54886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT5934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT6001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2012/dsa-2555", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromiumcodereview.appspot.com/10823168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromiumcodereview.appspot.com/10830177", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.