Computer Security
[EN] securityvulns.ru no-pyccku


libxml2 memory corruption
updated since 19.06.2011
Published:16.10.2011
Source:
SecurityVulns ID:11744
Type:library
Threat Level:
5/10
Description:Multiple vulnerabilities related to XPath processing.
Affected:LIBXML : libxml 2.7
CVE:CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.)
 CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.)
 CVE-2011-1944 (Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.)
Original documentdocumentUBUNTU, [USN-1153-1] libxml2 vulnerability (19.06.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod