CVE-2010-4494 – libxml2: double-free in XPath processing code
https://notcve.org/view.php?id=CVE-2010-4494
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de liberación doble en libxml2 2.7.8 y otras versiones, tal como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y otros productos, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=63444 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-Ma • CWE-415: Double Free •
CVE-2010-4008 – libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis
https://notcve.org/view.php?id=CVE-2010-4008
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. libxml2 anterior v2.7.8, como el usado en Google Chrome anterior v7.0.517.44, Apple Safari v5.0.2 y anteriores, otros productos, ree desde localizaciones de memoria inválidas durante el procesado de expresiones XPath malformadas, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (caída aplicación) a través de un documento XML. • http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari http://code.google.com/p/chromium/issues/detail?id=58731 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVE-2008-4409 – libxml2 - Denial of Service
https://notcve.org/view.php?id=CVE-2008-4409
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281. libxml2 v2.7.0 y v2.7.1 no maneja apropiadamente "definiciones de entidades predefinidas" en entidades, lo cual permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de memoria y caída de aplicación), como lo demostrado por la utilización de xmllint en un determinado documento XML, una vulnerabilidad diferente a CVE-2003-1564 y CVE-2008-3281. • https://www.exploit-db.com/exploits/32454 http://bugzilla.gnome.org/show_bug.cgi?id=554660 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://openwall.com/lists/oss-security/2008/10/02/4 http://secunia.com/advisories/32130 http://secunia.com/advisories/32175 http://secunia.com/advisories/32974 http://secunia.com/advisories/35379 http://security.gentoo.org/glsa/glsa-20081 • CWE-399: Resource Management Errors •