CVE-2012-2871
libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no especificada durante la manipulación de las transformaciones XSL, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto desconocido a través de un documento diseñado para tal fin. Se trata de un problema relacionado con la estructura de datos _xmlNs en include/libxml/tree.h.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-05-19 CVE Reserved
- 2012-08-31 CVE Published
- 2024-03-31 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (17)
URL | Tag | Source |
---|---|---|
http://code.google.com/p/chromium/issues/detail?id=138673 | X_refsource_confirm | |
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html | X_refsource_confirm | |
http://secunia.com/advisories/50838 | Third Party Advisory | |
http://secunia.com/advisories/54886 | Third Party Advisory | |
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930 | X_refsource_confirm | |
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?view=log | X_refsource_confirm | |
http://support.apple.com/kb/HT5934 | X_refsource_confirm | |
http://support.apple.com/kb/HT6001 | X_refsource_confirm | |
https://chromiumcodereview.appspot.com/10824157 | X_refsource_confirm | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/78179 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | <= 6.1.4 Search vendor "Apple" for product "Iphone Os" and version " <= 6.1.4" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.0.0 Search vendor "Apple" for product "Iphone Os" and version "1.0.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.0.1 Search vendor "Apple" for product "Iphone Os" and version "1.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.0.2 Search vendor "Apple" for product "Iphone Os" and version "1.0.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.0 Search vendor "Apple" for product "Iphone Os" and version "1.1.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.1 Search vendor "Apple" for product "Iphone Os" and version "1.1.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.2 Search vendor "Apple" for product "Iphone Os" and version "1.1.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.3 Search vendor "Apple" for product "Iphone Os" and version "1.1.3" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.4 Search vendor "Apple" for product "Iphone Os" and version "1.1.4" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 1.1.5 Search vendor "Apple" for product "Iphone Os" and version "1.1.5" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.0 Search vendor "Apple" for product "Iphone Os" and version "2.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.0.0 Search vendor "Apple" for product "Iphone Os" and version "2.0.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.0.1 Search vendor "Apple" for product "Iphone Os" and version "2.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.0.2 Search vendor "Apple" for product "Iphone Os" and version "2.0.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.1 Search vendor "Apple" for product "Iphone Os" and version "2.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.1.1 Search vendor "Apple" for product "Iphone Os" and version "2.1.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.2 Search vendor "Apple" for product "Iphone Os" and version "2.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 2.2.1 Search vendor "Apple" for product "Iphone Os" and version "2.2.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.0 Search vendor "Apple" for product "Iphone Os" and version "3.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.0.1 Search vendor "Apple" for product "Iphone Os" and version "3.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.1 Search vendor "Apple" for product "Iphone Os" and version "3.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.1.2 Search vendor "Apple" for product "Iphone Os" and version "3.1.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.1.3 Search vendor "Apple" for product "Iphone Os" and version "3.1.3" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.2 Search vendor "Apple" for product "Iphone Os" and version "3.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.2.1 Search vendor "Apple" for product "Iphone Os" and version "3.2.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 3.2.2 Search vendor "Apple" for product "Iphone Os" and version "3.2.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.0 Search vendor "Apple" for product "Iphone Os" and version "4.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.0.1 Search vendor "Apple" for product "Iphone Os" and version "4.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.0.2 Search vendor "Apple" for product "Iphone Os" and version "4.0.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.1 Search vendor "Apple" for product "Iphone Os" and version "4.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.2.1 Search vendor "Apple" for product "Iphone Os" and version "4.2.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.2.5 Search vendor "Apple" for product "Iphone Os" and version "4.2.5" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.2.8 Search vendor "Apple" for product "Iphone Os" and version "4.2.8" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.3.0 Search vendor "Apple" for product "Iphone Os" and version "4.3.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.3.1 Search vendor "Apple" for product "Iphone Os" and version "4.3.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.3.2 Search vendor "Apple" for product "Iphone Os" and version "4.3.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.3.3 Search vendor "Apple" for product "Iphone Os" and version "4.3.3" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 4.3.5 Search vendor "Apple" for product "Iphone Os" and version "4.3.5" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 5.0 Search vendor "Apple" for product "Iphone Os" and version "5.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 5.0.1 Search vendor "Apple" for product "Iphone Os" and version "5.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 5.1 Search vendor "Apple" for product "Iphone Os" and version "5.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 5.1.1 Search vendor "Apple" for product "Iphone Os" and version "5.1.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.0 Search vendor "Apple" for product "Iphone Os" and version "6.0" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.0.1 Search vendor "Apple" for product "Iphone Os" and version "6.0.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.0.2 Search vendor "Apple" for product "Iphone Os" and version "6.0.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.1 Search vendor "Apple" for product "Iphone Os" and version "6.1" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.1.2 Search vendor "Apple" for product "Iphone Os" and version "6.1.2" | - |
Affected
| ||||||
Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | 6.1.3 Search vendor "Apple" for product "Iphone Os" and version "6.1.3" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 21.0.1180.88 Search vendor "Google" for product "Chrome" and version " <= 21.0.1180.88" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.0 Search vendor "Google" for product "Chrome" and version "21.0.1180.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.1 Search vendor "Google" for product "Chrome" and version "21.0.1180.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.2 Search vendor "Google" for product "Chrome" and version "21.0.1180.2" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.31 Search vendor "Google" for product "Chrome" and version "21.0.1180.31" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.32 Search vendor "Google" for product "Chrome" and version "21.0.1180.32" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.33 Search vendor "Google" for product "Chrome" and version "21.0.1180.33" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.34 Search vendor "Google" for product "Chrome" and version "21.0.1180.34" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.35 Search vendor "Google" for product "Chrome" and version "21.0.1180.35" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.36 Search vendor "Google" for product "Chrome" and version "21.0.1180.36" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.37 Search vendor "Google" for product "Chrome" and version "21.0.1180.37" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.38 Search vendor "Google" for product "Chrome" and version "21.0.1180.38" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.39 Search vendor "Google" for product "Chrome" and version "21.0.1180.39" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.41 Search vendor "Google" for product "Chrome" and version "21.0.1180.41" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.46 Search vendor "Google" for product "Chrome" and version "21.0.1180.46" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.47 Search vendor "Google" for product "Chrome" and version "21.0.1180.47" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.48 Search vendor "Google" for product "Chrome" and version "21.0.1180.48" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.49 Search vendor "Google" for product "Chrome" and version "21.0.1180.49" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.50 Search vendor "Google" for product "Chrome" and version "21.0.1180.50" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.51 Search vendor "Google" for product "Chrome" and version "21.0.1180.51" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.52 Search vendor "Google" for product "Chrome" and version "21.0.1180.52" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.53 Search vendor "Google" for product "Chrome" and version "21.0.1180.53" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.54 Search vendor "Google" for product "Chrome" and version "21.0.1180.54" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.55 Search vendor "Google" for product "Chrome" and version "21.0.1180.55" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.56 Search vendor "Google" for product "Chrome" and version "21.0.1180.56" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.57 Search vendor "Google" for product "Chrome" and version "21.0.1180.57" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.59 Search vendor "Google" for product "Chrome" and version "21.0.1180.59" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.60 Search vendor "Google" for product "Chrome" and version "21.0.1180.60" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.61 Search vendor "Google" for product "Chrome" and version "21.0.1180.61" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.62 Search vendor "Google" for product "Chrome" and version "21.0.1180.62" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.63 Search vendor "Google" for product "Chrome" and version "21.0.1180.63" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.64 Search vendor "Google" for product "Chrome" and version "21.0.1180.64" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.68 Search vendor "Google" for product "Chrome" and version "21.0.1180.68" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.69 Search vendor "Google" for product "Chrome" and version "21.0.1180.69" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.70 Search vendor "Google" for product "Chrome" and version "21.0.1180.70" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.71 Search vendor "Google" for product "Chrome" and version "21.0.1180.71" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.72 Search vendor "Google" for product "Chrome" and version "21.0.1180.72" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.73 Search vendor "Google" for product "Chrome" and version "21.0.1180.73" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.74 Search vendor "Google" for product "Chrome" and version "21.0.1180.74" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.75 Search vendor "Google" for product "Chrome" and version "21.0.1180.75" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.76 Search vendor "Google" for product "Chrome" and version "21.0.1180.76" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.77 Search vendor "Google" for product "Chrome" and version "21.0.1180.77" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.78 Search vendor "Google" for product "Chrome" and version "21.0.1180.78" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.79 Search vendor "Google" for product "Chrome" and version "21.0.1180.79" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.80 Search vendor "Google" for product "Chrome" and version "21.0.1180.80" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.81 Search vendor "Google" for product "Chrome" and version "21.0.1180.81" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.82 Search vendor "Google" for product "Chrome" and version "21.0.1180.82" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.83 Search vendor "Google" for product "Chrome" and version "21.0.1180.83" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.84 Search vendor "Google" for product "Chrome" and version "21.0.1180.84" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.85 Search vendor "Google" for product "Chrome" and version "21.0.1180.85" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.86 Search vendor "Google" for product "Chrome" and version "21.0.1180.86" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 21.0.1180.87 Search vendor "Google" for product "Chrome" and version "21.0.1180.87" | - |
Affected
| ||||||
Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | <= 2.9.0 Search vendor "Xmlsoft" for product "Libxml2" and version " <= 2.9.0" | rc1 |
Affected
|