CVE-2017-5029 – chromium-browser: integer overflow in libxslt
https://notcve.org/view.php?id=CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. La función xsltAddTextString en transform.c en libxslt 1.1.29, tal como se utiliza en Blink en Google Chrome anteriores a 57.0.2987.98 para Mac, Windows y Linux y 57.0.2987.108 para Android, carecía de una comprobación de desbordamiento de entero durante un cálculo de tamaño, lo que permite a un atacante remoto realizar una escritura de memoria fuera de límites a través de una página HTML diseñada. • http://rhn.redhat.com/errata/RHSA-2017-0499.html http://www.debian.org/security/2017/dsa-3810 http://www.securityfocus.com/bid/96767 http://www.securitytracker.com/id/1038157 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html https://crbug.com/676623 https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5 https://access.redhat.com/security/cve/CVE-2017-5029 https://bugzilla.redhat.com/show_bug.cgi?id=1431033 • CWE-787: Out-of-bounds Write •
CVE-2016-4610
https://notcve.org/view.php?id=CVE-2016-4610
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4.2 en Windows, iCloud en versiones anteriores a 5.2.1 en Windows, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-4607, CVE-2016-4608, CVE-2016-4609 y CVE-2016-4612. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://www.securityfocus.com/bid/91826 http://www.securitytracker.com/id/1036348 https://lists.debian.org/debian-lts-announce/20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4608
https://notcve.org/view.php?id=CVE-2016-4608
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores 12.4.2 en Windows, iCloud en versiones anteriores a 5.2.1 en Windows, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-4607, CVE2016-4609, CVE-2016-4610 y CVE-2016-4612 • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://www.securityfocus.com/bid/91826 http://www.securitytracker.com/id/1036348 https://lists.fedoraproject.org/archives/list/pack • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4609
https://notcve.org/view.php?id=CVE-2016-4609
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4.2 en Windows, iCloud en versiones anteriores a 5.2.1 en Windows, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-4607, CVE-2016-4608, CVE-2016-4610 y CVE-2016-4612. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://www.securityfocus.com/bid/91826 http://www.securitytracker.com/id/1036348 https://lists.debian.org/debian-lts-announce/20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4607
https://notcve.org/view.php?id=CVE-2016-4607
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones a 12.4.2 en Windows, iCloud en versiones anteriores a 5.2.1 en Windows, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-4608, CVE2016-4609, CVE-2016-4610 y CVE-2016-4612. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html http://www.securityfocus.com/bid/91834 http://www.securitytracker.com/id/1036348 https://lists.fedoraproject.org/archives/list/pack • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •