7.5

CVE-2011-3919

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 16.0.912.75
AppleiPhone OS Version < 6.0
ApplemacOS X Version < 10.7.4
SuseLinux Enterprise Server Version10 Updatesp4 SwEditionltss
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.4% 0.819
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://support.apple.com/kb/HT5281
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://support.apple.com/kb/HT5503
http://www.debian.org/security/2012/dsa-2394
http://code.google.com/p/chromium/issues/detail?id=107128
http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
http://secunia.com/advisories/47449
http://secunia.com/advisories/55568
http://www.mandriva.com/security/advisories?name=MDVSA-2012:005
http://www.securityfocus.com/bid/51300
http://www.securitytracker.com/id?1026487
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504