CVE-2010-4494

libxml2: double-free in XPath processing code

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Vulnerabilidad de liberación doble en libxml2 2.7.8 y otras versiones, tal como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y otros productos, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con el manejo de XPath.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-12-07 CVE Reserved
2010-12-07 CVE Published
2024-05-04 EPSS Updated
2024-08-07 CVE Updated
2024-08-07 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-415: Double Free

CAPEC

References (28)

URL	Tag	Source
http://secunia.com/advisories/40775	Third Party Advisory
http://secunia.com/advisories/42472	Third Party Advisory
http://secunia.com/advisories/42721	Third Party Advisory
http://secunia.com/advisories/42762	Third Party Advisory
http://support.apple.com/kb/HT4554	Third Party Advisory
http://support.apple.com/kb/HT4564	Third Party Advisory
http://support.apple.com/kb/HT4566	Broken Link
http://support.apple.com/kb/HT4581	Third Party Advisory
http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html	Third Party Advisory
http://www.vupen.com/english/advisories/2010/3319	Third Party Advisory
http://www.vupen.com/english/advisories/2010/3336	Third Party Advisory
http://www.vupen.com/english/advisories/2011/0230	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916	Signature

URL	Date	SRC
http://code.google.com/p/chromium/issues/detail?id=63444	2024-08-07

URL	Date	SRC

URL	Date	SRC
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html	2020-07-31
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html	2020-07-31
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	2020-07-31
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	2020-07-31
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	2020-07-31
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html	2020-07-31
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html	2020-07-31
http://marc.info/?l=bugtraq&m=139447903326211&w=2	2020-07-31
http://rhn.redhat.com/errata/RHSA-2013-0217.html	2020-07-31
http://www.debian.org/security/2010/dsa-2137	2020-07-31
http://www.mandriva.com/security/advisories?name=MDVSA-2010:260	2020-07-31
http://www.redhat.com/support/errata/RHSA-2011-1749.html	2020-07-31
https://access.redhat.com/security/cve/CVE-2010-4494	2013-01-31
https://bugzilla.redhat.com/show_bug.cgi?id=665963	2013-01-31

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Google Search vendor "Google"		Chrome Search vendor "Google" for product "Chrome"				< 8.0.552.215 Search vendor "Google" for product "Chrome" and version " < 8.0.552.215"		-		Affected
Xmlsoft Search vendor "Xmlsoft"		Libxml2 Search vendor "Xmlsoft" for product "Libxml2"				<= 2.7.8 Search vendor "Xmlsoft" for product "Libxml2" and version " <= 2.7.8"		-		Affected
Apple Search vendor "Apple"		Itunes Search vendor "Apple" for product "Itunes"				< 10.2 Search vendor "Apple" for product "Itunes" and version " < 10.2"		-		Affected
Apple Search vendor "Apple"		Safari Search vendor "Apple" for product "Safari"				< 5.0.4 Search vendor "Apple" for product "Safari" and version " < 5.0.4"		-		Affected
Apple Search vendor "Apple"		Iphone Os Search vendor "Apple" for product "Iphone Os"				< 4.3.0 Search vendor "Apple" for product "Iphone Os" and version " < 4.3.0"		-		Affected
Apple Search vendor "Apple"		Mac Os X Search vendor "Apple" for product "Mac Os X"				< 10.6.7 Search vendor "Apple" for product "Mac Os X" and version " < 10.6.7"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.2 Search vendor "Opensuse" for product "Opensuse" and version "11.2"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				11.3 Search vendor "Opensuse" for product "Opensuse" and version "11.3"		-		Affected
Suse Search vendor "Suse"		Suse Linux Enterprise Server Search vendor "Suse" for product "Suse Linux Enterprise Server"				11 Search vendor "Suse" for product "Suse Linux Enterprise Server" and version "11"		sp1		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				14 Search vendor "Fedoraproject" for product "Fedora" and version "14"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				6.3 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "6.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				5.0 Search vendor "Debian" for product "Debian Linux" and version "5.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				6.0 Search vendor "Debian" for product "Debian Linux" and version "6.0"		-		Affected
Hp Search vendor "Hp"		Insight Control Server Deployment Search vendor "Hp" for product "Insight Control Server Deployment"				*		-		Affected
Hp Search vendor "Hp"		Rapid Deployment Pack Search vendor "Hp" for product "Rapid Deployment Pack"				*		-		Affected
Apache Search vendor "Apache"		Openoffice Search vendor "Apache" for product "Openoffice"				>= 2.1.0 <= 2.4.3 Search vendor "Apache" for product "Openoffice" and version " >= 2.1.0 <= 2.4.3"		-		Affected
Apache Search vendor "Apache"		Openoffice Search vendor "Apache" for product "Openoffice"				>= 3.0.0 < 3.3.0 Search vendor "Apache" for product "Openoffice" and version " >= 3.0.0 < 3.3.0"		-		Affected