CVE-2012-2871 – libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
https://notcve.org/view.php?id=CVE-2012-2871
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no especificada durante la manipulación de las transformaciones XSL, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto desconocido a través de un documento diseñado para tal fin. Se trata de un problema relacionado con la estructura de datos _xmlNs en include/libxml/tree.h. • http://code.google.com/p/chromium/issues/detail?id=138673 http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html http://secunia.com/advisories/50838 http://secunia.com/advisories/54886 http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libx • CWE-122: Heap-based Buffer Overflow •
CVE-2012-2807 – (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact
https://notcve.org/view.php?id=CVE-2012-2807
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Múltiples desbordamientos de enteros en libxml2, como aparece en Google Chrome anterior a v20.0.1132.43, en plataformas de 64 bits de Linux permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=129930 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://secunia.com/advisories/50658 http://secunia.com/advisories/50800 http://secunia.com/advisories/54886 http://secunia.com/advisories • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVE-2011-3102 – libxml: An off-by-one out-of-bounds write by XPointer part evaluation
https://notcve.org/view.php?id=CVE-2011-3102
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Error de superación de límite (off-by-one) en libxml2, como el usado en Google Chrome anteriores a v19.0.1084.46, permite a atacantes remotos provocar una denegación de servicio (escritura fuera del límite) y posiblemente tener otros impactos no determinados a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=125462 http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.c • CWE-189: Numeric Errors CWE-787: Out-of-bounds Write •
CVE-2012-0841 – libxml2: hash table collisions CPU usage DoS
https://notcve.org/view.php?id=CVE-2012-0841
libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. libxml2 v2.8.0 y anteriores calcula los valores de hash sin restringir la capacidad de provocar colisiones hash predecibles, lo que permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de CPU) a través datos XML modificados. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846 http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2012-0324.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/54 • CWE-399: Resource Management Errors CWE-407: Inefficient Algorithmic Complexity •
CVE-2011-3441
https://notcve.org/view.php?id=CVE-2011-3441
libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname. Libinfo en Apple iOS anterior a v5.0.1 no formula correctamente las preguntas de nombres de dominio, lo que permite a atacantes remotos obtener información sensible a través de un nombre de host DNS manipulado. • http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://support.apple.com/kb/HT5052 http://support.apple.com/kb/HT5130 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •