6.8

CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPhone OS Version <= 6.1.4
AppleiPhone OS Version1.0.0
AppleiPhone OS Version1.0.1
AppleiPhone OS Version1.0.2
AppleiPhone OS Version1.1.0
AppleiPhone OS Version1.1.1
AppleiPhone OS Version1.1.2
AppleiPhone OS Version1.1.3
AppleiPhone OS Version1.1.4
AppleiPhone OS Version1.1.5
AppleiPhone OS Version2.0
AppleiPhone OS Version2.0.0
AppleiPhone OS Version2.0.1
AppleiPhone OS Version2.0.2
AppleiPhone OS Version2.1
AppleiPhone OS Version2.1.1
AppleiPhone OS Version2.2
AppleiPhone OS Version2.2.1
AppleiPhone OS Version3.0
AppleiPhone OS Version3.0.1
AppleiPhone OS Version3.1
AppleiPhone OS Version3.1.2
AppleiPhone OS Version3.1.3
AppleiPhone OS Version3.2
AppleiPhone OS Version3.2.1
AppleiPhone OS Version3.2.2
AppleiPhone OS Version4.0
AppleiPhone OS Version4.0.1
AppleiPhone OS Version4.0.2
AppleiPhone OS Version4.1
AppleiPhone OS Version4.2.1
AppleiPhone OS Version4.2.5
AppleiPhone OS Version4.2.8
AppleiPhone OS Version4.3.0
AppleiPhone OS Version4.3.1
AppleiPhone OS Version4.3.2
AppleiPhone OS Version4.3.3
AppleiPhone OS Version4.3.5
AppleiPhone OS Version5.0
AppleiPhone OS Version5.0.1
AppleiPhone OS Version5.1
AppleiPhone OS Version5.1.1
AppleiPhone OS Version6.0
AppleiPhone OS Version6.0.1
AppleiPhone OS Version6.0.2
AppleiPhone OS Version6.1
AppleiPhone OS Version6.1.2
AppleiPhone OS Version6.1.3
GoogleChrome Version <= 21.0.1180.88
GoogleChrome Version21.0.1180.0
GoogleChrome Version21.0.1180.1
GoogleChrome Version21.0.1180.2
GoogleChrome Version21.0.1180.31
GoogleChrome Version21.0.1180.32
GoogleChrome Version21.0.1180.33
GoogleChrome Version21.0.1180.34
GoogleChrome Version21.0.1180.35
GoogleChrome Version21.0.1180.36
GoogleChrome Version21.0.1180.37
GoogleChrome Version21.0.1180.38
GoogleChrome Version21.0.1180.39
GoogleChrome Version21.0.1180.41
GoogleChrome Version21.0.1180.46
GoogleChrome Version21.0.1180.47
GoogleChrome Version21.0.1180.48
GoogleChrome Version21.0.1180.49
GoogleChrome Version21.0.1180.50
GoogleChrome Version21.0.1180.51
GoogleChrome Version21.0.1180.52
GoogleChrome Version21.0.1180.53
GoogleChrome Version21.0.1180.54
GoogleChrome Version21.0.1180.55
GoogleChrome Version21.0.1180.56
GoogleChrome Version21.0.1180.57
GoogleChrome Version21.0.1180.59
GoogleChrome Version21.0.1180.60
GoogleChrome Version21.0.1180.61
GoogleChrome Version21.0.1180.62
GoogleChrome Version21.0.1180.63
GoogleChrome Version21.0.1180.64
GoogleChrome Version21.0.1180.68
GoogleChrome Version21.0.1180.69
GoogleChrome Version21.0.1180.70
GoogleChrome Version21.0.1180.71
GoogleChrome Version21.0.1180.72
GoogleChrome Version21.0.1180.73
GoogleChrome Version21.0.1180.74
GoogleChrome Version21.0.1180.75
GoogleChrome Version21.0.1180.76
GoogleChrome Version21.0.1180.77
GoogleChrome Version21.0.1180.78
GoogleChrome Version21.0.1180.79
GoogleChrome Version21.0.1180.80
GoogleChrome Version21.0.1180.81
GoogleChrome Version21.0.1180.82
GoogleChrome Version21.0.1180.83
GoogleChrome Version21.0.1180.84
GoogleChrome Version21.0.1180.85
GoogleChrome Version21.0.1180.86
GoogleChrome Version21.0.1180.87
XmlsoftLibxml2 Updaterc1 Version <= 2.9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.38% 0.817
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://secunia.com/advisories/54886
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
http://secunia.com/advisories/50838
http://www.debian.org/security/2012/dsa-2555
http://code.google.com/p/chromium/issues/detail?id=138673
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?view=log
https://chromiumcodereview.appspot.com/10824157
https://exchange.xforce.ibmcloud.com/vulnerabilities/78179