FKIE_CVE-2012-2893

Vulnerability from fkie_nvd - Published: 2012-09-26 10:56 - Updated: 2025-04-11 00:51
Severity ?
Summary
Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.
References
chrome-cve-admin@google.comhttp://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
chrome-cve-admin@google.comhttp://secunia.com/advisories/50838
chrome-cve-admin@google.comhttp://www.debian.org/security/2012/dsa-2555
chrome-cve-admin@google.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2012:164
chrome-cve-admin@google.comhttps://chromiumcodereview.appspot.com/10919019
chrome-cve-admin@google.comhttps://code.google.com/p/chromium/issues/detail?id=144799
chrome-cve-admin@google.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714
chrome-cve-admin@google.comhttps://src.chromium.org/viewvc/chrome?view=rev&revision=154331
af854a3a-2127-422b-91ae-364da2661108http://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50838
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2555
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
af854a3a-2127-422b-91ae-364da2661108https://chromiumcodereview.appspot.com/10919019
af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/chromium/issues/detail?id=144799
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714
af854a3a-2127-422b-91ae-364da2661108https://src.chromium.org/viewvc/chrome?view=rev&revision=154331
Impacted products
Vendor Product Version
google chrome *
google chrome 22.0.1229.0
google chrome 22.0.1229.1
google chrome 22.0.1229.2
google chrome 22.0.1229.3
google chrome 22.0.1229.4
google chrome 22.0.1229.6
google chrome 22.0.1229.7
google chrome 22.0.1229.8
google chrome 22.0.1229.9
google chrome 22.0.1229.10
google chrome 22.0.1229.11
google chrome 22.0.1229.12
google chrome 22.0.1229.14
google chrome 22.0.1229.16
google chrome 22.0.1229.17
google chrome 22.0.1229.18
google chrome 22.0.1229.20
google chrome 22.0.1229.21
google chrome 22.0.1229.22
google chrome 22.0.1229.23
google chrome 22.0.1229.24
google chrome 22.0.1229.25
google chrome 22.0.1229.26
google chrome 22.0.1229.27
google chrome 22.0.1229.28
google chrome 22.0.1229.29
google chrome 22.0.1229.31
google chrome 22.0.1229.32
google chrome 22.0.1229.33
google chrome 22.0.1229.35
google chrome 22.0.1229.36
google chrome 22.0.1229.37
google chrome 22.0.1229.39
google chrome 22.0.1229.48
google chrome 22.0.1229.49
google chrome 22.0.1229.50
google chrome 22.0.1229.51
google chrome 22.0.1229.52
google chrome 22.0.1229.53
google chrome 22.0.1229.54
google chrome 22.0.1229.55
google chrome 22.0.1229.56
google chrome 22.0.1229.57
google chrome 22.0.1229.58
google chrome 22.0.1229.59
google chrome 22.0.1229.60
google chrome 22.0.1229.62
google chrome 22.0.1229.63
google chrome 22.0.1229.64
google chrome 22.0.1229.65
google chrome 22.0.1229.67
google chrome 22.0.1229.76
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A731193E-2EB0-4493-B030-E5D8B313CC4C",
              "versionEndIncluding": "22.0.1229.78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA38088-0F0C-4AD7-B6AE-90E0A296CBC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBC81E3-5BFB-4A72-AE61-824925EA566E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F6D1B7C-68B2-4E15-A299-64AB33AC44A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E74AD2-3C44-45F3-898A-9BCEB5EA9A50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2ADE22-3ED1-4ADE-B6B3-FD2660A9B2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "91896DBD-3DE2-40FC-B1D1-46C78335BEB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B34C33DD-782F-4496-B8EB-6A4E03ACC435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2219708F-86BE-4B08-9CE4-3AA4CC6366E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C777D40-B33D-424C-99C2-4BB255782ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB90F606-71C4-484A-9748-CD91290FCFCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "137AE4FA-8BA2-45F1-A679-F78B40A87B19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1592A3E6-0B43-4DE0-8578-89281762FF9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B74803BF-7531-45DC-9A75-0BF2B564D93D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "751A2447-B844-4AC0-9078-E608B4931853",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C12DD1-E746-47A0-A153-C1A483C85CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "051D486A-D5B5-40C1-AAA0-9E4436BDA50D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF8DFBC-0C20-4A45-85BA-E78392D9E871",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C802FC-ADB1-4FBA-8B43-D1CD5DCB213D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713F8A-53EF-4907-8F26-E02C91136A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A56C21F-F2F5-4E53-98F8-9EBD52FBBF5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "717B88A5-567A-498E-B559-E2EF1D0D8868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FCD61E9-F183-44B3-900F-663C7F69DDB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D268EF5-2147-4A76-9E82-BD1284F751A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "9437B1F1-5D6D-49A8-9BA1-BC2299727961",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "405AC015-C815-4D53-9430-37643534234A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "4234CB96-56D8-4D5E-88E2-E9CC048BDC76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAC7F56E-24F5-451A-AC82-FD1837B0B797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "2697F6EA-AECC-48E9-976F-A33EA43510DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC008A4-B85F-43F9-AAE5-D55468280057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A3198ED-BA23-4E6A-B043-07E75C262839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "579EE812-100F-4E79-871D-583044D56102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B7E2C4-5A74-4E49-AC56-D718FC69B61C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A14964C-F114-45AC-A30D-42E120E2AEF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C2FBEC-17DE-4D09-8F2D-3642E90DA579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0DC0C5-6902-4A4A-A26C-B5F7DB7DE2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8518F5-67A2-478F-82F0-28202A73C594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "537FBE4D-BCC4-4320-AEC6-8151842DC4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F5737D-56FA-49EB-8DA0-5EFA1405A03A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0ABAA20-52A5-424D-A8DA-5333CFC5E417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "A042CA57-F72C-450D-B35F-2F057675C120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6155D0-D684-4598-A83B-FF2D1860D141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ADDB123-1157-4C87-8193-A1CF5BFE7C05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "2795BD2C-C512-4F00-8AD0-4781E665D515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A94863-EAD7-4B10-A674-0CFA9EA28618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0D987B5-8F32-43FC-B753-87B2E29A2ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7345E1B-B38F-4C7E-88B9-C905D919F291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "A591F092-4359-4F6E-BD07-C8554E72FA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A3D3FA2-C02E-4EA5-88C5-54311C126DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DA9F5D3-AEBF-4E38-8C9B-C2503994CA16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "A848E89E-BEA9-49F9-A8D5-A19B0885E356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F974E8-8B1D-414B-85C4-21127917C4D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:22.0.1229.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F0CF53F-0D12-4C7E-89CF-14EA6656F588",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de doble liberaci\u00f3n en libxslt en Google Chrome anterior a 22.0.1229.79, permite a atacantes remotos provocar una denegaci\u00f3n de servicio u otro tipo de impacto a trav\u00e9s de vectores relacionados con las transformaciones XSL."
    }
  ],
  "id": "CVE-2012-2893",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-09-26T10:56:05.093",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/50838"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.debian.org/security/2012/dsa-2555"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://chromiumcodereview.appspot.com/10919019"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://code.google.com/p/chromium/issues/detail?id=144799"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://src.chromium.org/viewvc/chrome?view=rev\u0026revision=154331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://chromiumcodereview.appspot.com/10919019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://code.google.com/p/chromium/issues/detail?id=144799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://src.chromium.org/viewvc/chrome?view=rev\u0026revision=154331"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.