CVE-2011-3970 – libxslt: Out-of-bounds read when parsing certain patterns
https://notcve.org/view.php?id=CVE-2011-3970
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
http://code.google.com/p/chromium/issues/detail?id=110277
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818
https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html
https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html
https://access.redhat.com/security/cve/CVE-2011-3970
https://bugzilla.redhat.com/show_bug.cgi?id=788826
CWE-125: Out-of-bounds Read
CVE-2008-2935 – libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2935
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
https://www.exploit-db.com/exploits/32133
http://secunia.com/advisories/31230
http://secunia.com/advisories/31310
http://secunia.com/advisories/31331
http://secunia.com/advisories/31363
http://secunia.com/advisories/31395
http://secunia.com/advisories/31399
http://secunia.com/advisories/32453
http://security.gentoo.org/glsa/glsa-200808-06.xml
http://securityreason.com/securityalert/4078
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
http://www.debian.org/security/20
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer