4.3

CVE-2013-4520

Exploit

xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type.  NOTE: this issue is due to an incomplete fix for CVE-2012-2825.

Data is provided by the National Vulnerability Database (NVD)
XmlsoftLibxslt Version <= 1.1.24
XmlsoftLibxslt Version0.0.1
XmlsoftLibxslt Version0.1.0
XmlsoftLibxslt Version0.2.0
XmlsoftLibxslt Version0.3.0
XmlsoftLibxslt Version0.4.0
XmlsoftLibxslt Version0.5.0
XmlsoftLibxslt Version0.6.0
XmlsoftLibxslt Version0.7.0
XmlsoftLibxslt Version0.8.0
XmlsoftLibxslt Version0.9.0
XmlsoftLibxslt Version0.10.0
XmlsoftLibxslt Version0.11.0
XmlsoftLibxslt Version0.12.0
XmlsoftLibxslt Version0.13.0
XmlsoftLibxslt Version0.14.0
XmlsoftLibxslt Version1.0.0
XmlsoftLibxslt Version1.0.1
XmlsoftLibxslt Version1.0.2
XmlsoftLibxslt Version1.0.3
XmlsoftLibxslt Version1.0.4
XmlsoftLibxslt Version1.0.5
XmlsoftLibxslt Version1.0.6
XmlsoftLibxslt Version1.0.7
XmlsoftLibxslt Version1.0.8
XmlsoftLibxslt Version1.0.9
XmlsoftLibxslt Version1.0.10
XmlsoftLibxslt Version1.0.11
XmlsoftLibxslt Version1.0.12
XmlsoftLibxslt Version1.0.13
XmlsoftLibxslt Version1.0.14
XmlsoftLibxslt Version1.0.15
XmlsoftLibxslt Version1.0.16
XmlsoftLibxslt Version1.0.17
XmlsoftLibxslt Version1.0.18
XmlsoftLibxslt Version1.0.19
XmlsoftLibxslt Version1.0.20
XmlsoftLibxslt Version1.0.21
XmlsoftLibxslt Version1.0.22
XmlsoftLibxslt Version1.0.23
XmlsoftLibxslt Version1.0.24
XmlsoftLibxslt Version1.0.25
XmlsoftLibxslt Version1.0.26
XmlsoftLibxslt Version1.0.27
XmlsoftLibxslt Version1.0.28
XmlsoftLibxslt Version1.0.29
XmlsoftLibxslt Version1.0.30
XmlsoftLibxslt Version1.0.31
XmlsoftLibxslt Version1.0.32
XmlsoftLibxslt Version1.0.33
XmlsoftLibxslt Version1.1.0
XmlsoftLibxslt Version1.1.1
XmlsoftLibxslt Version1.1.2
XmlsoftLibxslt Version1.1.3
XmlsoftLibxslt Version1.1.4
XmlsoftLibxslt Version1.1.5
XmlsoftLibxslt Version1.1.6
XmlsoftLibxslt Version1.1.7
XmlsoftLibxslt Version1.1.8
XmlsoftLibxslt Version1.1.9
XmlsoftLibxslt Version1.1.10
XmlsoftLibxslt Version1.1.11
XmlsoftLibxslt Version1.1.12
XmlsoftLibxslt Version1.1.13
XmlsoftLibxslt Version1.1.14
XmlsoftLibxslt Version1.1.15
XmlsoftLibxslt Version1.1.16
XmlsoftLibxslt Version1.1.17
XmlsoftLibxslt Version1.1.18
XmlsoftLibxslt Version1.1.19
XmlsoftLibxslt Version1.1.20
XmlsoftLibxslt Version1.1.21
XmlsoftLibxslt Version1.1.22
XmlsoftLibxslt Version1.1.23
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.43% 0.798
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P