// For flags

CVE-2012-2871

libxslt: Heap-buffer overflow caused by bad cast in XSL transforms

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no especificada durante la manipulación de las transformaciones XSL, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto desconocido a través de un documento diseñado para tal fin. Se trata de un problema relacionado con la estructura de datos _xmlNs en include/libxml/tree.h.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-05-19 CVE Reserved
  • 2012-08-31 CVE Published
  • 2024-03-31 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-122: Heap-based Buffer Overflow
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
<= 6.1.4
Search vendor "Apple" for product "Iphone Os" and version " <= 6.1.4"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.0.0
Search vendor "Apple" for product "Iphone Os" and version "1.0.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.0.1
Search vendor "Apple" for product "Iphone Os" and version "1.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.0.2
Search vendor "Apple" for product "Iphone Os" and version "1.0.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.0
Search vendor "Apple" for product "Iphone Os" and version "1.1.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.1
Search vendor "Apple" for product "Iphone Os" and version "1.1.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.2
Search vendor "Apple" for product "Iphone Os" and version "1.1.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.3
Search vendor "Apple" for product "Iphone Os" and version "1.1.3"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.4
Search vendor "Apple" for product "Iphone Os" and version "1.1.4"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
1.1.5
Search vendor "Apple" for product "Iphone Os" and version "1.1.5"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.0
Search vendor "Apple" for product "Iphone Os" and version "2.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.0.0
Search vendor "Apple" for product "Iphone Os" and version "2.0.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.0.1
Search vendor "Apple" for product "Iphone Os" and version "2.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.0.2
Search vendor "Apple" for product "Iphone Os" and version "2.0.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.1
Search vendor "Apple" for product "Iphone Os" and version "2.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.1.1
Search vendor "Apple" for product "Iphone Os" and version "2.1.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.2
Search vendor "Apple" for product "Iphone Os" and version "2.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
2.2.1
Search vendor "Apple" for product "Iphone Os" and version "2.2.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.0
Search vendor "Apple" for product "Iphone Os" and version "3.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.0.1
Search vendor "Apple" for product "Iphone Os" and version "3.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.1
Search vendor "Apple" for product "Iphone Os" and version "3.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.1.2
Search vendor "Apple" for product "Iphone Os" and version "3.1.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.1.3
Search vendor "Apple" for product "Iphone Os" and version "3.1.3"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.2
Search vendor "Apple" for product "Iphone Os" and version "3.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.2.1
Search vendor "Apple" for product "Iphone Os" and version "3.2.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
3.2.2
Search vendor "Apple" for product "Iphone Os" and version "3.2.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.0
Search vendor "Apple" for product "Iphone Os" and version "4.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.0.1
Search vendor "Apple" for product "Iphone Os" and version "4.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.0.2
Search vendor "Apple" for product "Iphone Os" and version "4.0.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.1
Search vendor "Apple" for product "Iphone Os" and version "4.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.2.1
Search vendor "Apple" for product "Iphone Os" and version "4.2.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.2.5
Search vendor "Apple" for product "Iphone Os" and version "4.2.5"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.2.8
Search vendor "Apple" for product "Iphone Os" and version "4.2.8"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.3.0
Search vendor "Apple" for product "Iphone Os" and version "4.3.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.3.1
Search vendor "Apple" for product "Iphone Os" and version "4.3.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.3.2
Search vendor "Apple" for product "Iphone Os" and version "4.3.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.3.3
Search vendor "Apple" for product "Iphone Os" and version "4.3.3"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
4.3.5
Search vendor "Apple" for product "Iphone Os" and version "4.3.5"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
5.0
Search vendor "Apple" for product "Iphone Os" and version "5.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
5.0.1
Search vendor "Apple" for product "Iphone Os" and version "5.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
5.1
Search vendor "Apple" for product "Iphone Os" and version "5.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
5.1.1
Search vendor "Apple" for product "Iphone Os" and version "5.1.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.0
Search vendor "Apple" for product "Iphone Os" and version "6.0"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.0.1
Search vendor "Apple" for product "Iphone Os" and version "6.0.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.0.2
Search vendor "Apple" for product "Iphone Os" and version "6.0.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.1
Search vendor "Apple" for product "Iphone Os" and version "6.1"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.1.2
Search vendor "Apple" for product "Iphone Os" and version "6.1.2"
-
Affected
Apple
Search vendor "Apple"
Iphone Os
Search vendor "Apple" for product "Iphone Os"
6.1.3
Search vendor "Apple" for product "Iphone Os" and version "6.1.3"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
<= 21.0.1180.88
Search vendor "Google" for product "Chrome" and version " <= 21.0.1180.88"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.0
Search vendor "Google" for product "Chrome" and version "21.0.1180.0"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.1
Search vendor "Google" for product "Chrome" and version "21.0.1180.1"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.2
Search vendor "Google" for product "Chrome" and version "21.0.1180.2"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.31
Search vendor "Google" for product "Chrome" and version "21.0.1180.31"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.32
Search vendor "Google" for product "Chrome" and version "21.0.1180.32"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.33
Search vendor "Google" for product "Chrome" and version "21.0.1180.33"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.34
Search vendor "Google" for product "Chrome" and version "21.0.1180.34"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.35
Search vendor "Google" for product "Chrome" and version "21.0.1180.35"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.36
Search vendor "Google" for product "Chrome" and version "21.0.1180.36"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.37
Search vendor "Google" for product "Chrome" and version "21.0.1180.37"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.38
Search vendor "Google" for product "Chrome" and version "21.0.1180.38"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.39
Search vendor "Google" for product "Chrome" and version "21.0.1180.39"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.41
Search vendor "Google" for product "Chrome" and version "21.0.1180.41"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.46
Search vendor "Google" for product "Chrome" and version "21.0.1180.46"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.47
Search vendor "Google" for product "Chrome" and version "21.0.1180.47"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.48
Search vendor "Google" for product "Chrome" and version "21.0.1180.48"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.49
Search vendor "Google" for product "Chrome" and version "21.0.1180.49"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.50
Search vendor "Google" for product "Chrome" and version "21.0.1180.50"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.51
Search vendor "Google" for product "Chrome" and version "21.0.1180.51"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.52
Search vendor "Google" for product "Chrome" and version "21.0.1180.52"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.53
Search vendor "Google" for product "Chrome" and version "21.0.1180.53"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.54
Search vendor "Google" for product "Chrome" and version "21.0.1180.54"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.55
Search vendor "Google" for product "Chrome" and version "21.0.1180.55"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.56
Search vendor "Google" for product "Chrome" and version "21.0.1180.56"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.57
Search vendor "Google" for product "Chrome" and version "21.0.1180.57"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.59
Search vendor "Google" for product "Chrome" and version "21.0.1180.59"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.60
Search vendor "Google" for product "Chrome" and version "21.0.1180.60"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.61
Search vendor "Google" for product "Chrome" and version "21.0.1180.61"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.62
Search vendor "Google" for product "Chrome" and version "21.0.1180.62"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.63
Search vendor "Google" for product "Chrome" and version "21.0.1180.63"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.64
Search vendor "Google" for product "Chrome" and version "21.0.1180.64"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.68
Search vendor "Google" for product "Chrome" and version "21.0.1180.68"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.69
Search vendor "Google" for product "Chrome" and version "21.0.1180.69"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.70
Search vendor "Google" for product "Chrome" and version "21.0.1180.70"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.71
Search vendor "Google" for product "Chrome" and version "21.0.1180.71"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.72
Search vendor "Google" for product "Chrome" and version "21.0.1180.72"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.73
Search vendor "Google" for product "Chrome" and version "21.0.1180.73"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.74
Search vendor "Google" for product "Chrome" and version "21.0.1180.74"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.75
Search vendor "Google" for product "Chrome" and version "21.0.1180.75"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.76
Search vendor "Google" for product "Chrome" and version "21.0.1180.76"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.77
Search vendor "Google" for product "Chrome" and version "21.0.1180.77"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.78
Search vendor "Google" for product "Chrome" and version "21.0.1180.78"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.79
Search vendor "Google" for product "Chrome" and version "21.0.1180.79"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.80
Search vendor "Google" for product "Chrome" and version "21.0.1180.80"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.81
Search vendor "Google" for product "Chrome" and version "21.0.1180.81"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.82
Search vendor "Google" for product "Chrome" and version "21.0.1180.82"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.83
Search vendor "Google" for product "Chrome" and version "21.0.1180.83"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.84
Search vendor "Google" for product "Chrome" and version "21.0.1180.84"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.85
Search vendor "Google" for product "Chrome" and version "21.0.1180.85"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.86
Search vendor "Google" for product "Chrome" and version "21.0.1180.86"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.87
Search vendor "Google" for product "Chrome" and version "21.0.1180.87"
-
Affected
Xmlsoft
Search vendor "Xmlsoft"
Libxml2
Search vendor "Xmlsoft" for product "Libxml2"
<= 2.9.0
Search vendor "Xmlsoft" for product "Libxml2" and version " <= 2.9.0"
rc1
Affected