National Cyber Awareness System

Vulnerability Summary for CVE-2011-1944

Overview

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=709747

Type: Patch Information; Exploit

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=709747

External Source: MLIST

Name: [oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues

Type: Patch Information; Exploit

Hyperlink:http://www.openwall.com/lists/oss-security/2011/05/31/8

External Source: MISC

Name: http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html

Type: Advisory; Patch Information

Hyperlink:http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html

External Source: FEDORA

Name: FEDORA-2011-7856

Type: Patch Information; Exploit

Hyperlink:http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html

External Source: CONFIRM

Name: http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4

Type: Patch Information

Hyperlink:http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4

External Source: BID

Name: 48056

Hyperlink:http://www.securityfocus.com/bid/48056

External Source: REDHAT

Name: RHSA-2011:1749

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-1749.html

External Source: OSVDB

Name: 73248

Hyperlink:http://www.osvdb.org/73248

External Source: MANDRIVA

Name: MDVSA-2011:131

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2011:131

External Source: DEBIAN

Name: DSA-2255

Hyperlink:http://www.debian.org/security/2011/dsa-2255

External Source: UBUNTU

Name: USN-1153-1

Hyperlink:http://ubuntu.com/usn/usn-1153-1

External Source: CONFIRM

Name: http://support.apple.com/kb/HT5503

Hyperlink:http://support.apple.com/kb/HT5503

External Source: CONFIRM

Name: http://support.apple.com/kb/HT5281

Hyperlink:http://support.apple.com/kb/HT5281

External Source: SECUNIA

Name: 44711

Type: Advisory

Hyperlink:http://secunia.com/advisories/44711

External Source: REDHAT

Name: RHSA-2013:0217

Hyperlink:http://rhn.redhat.com/errata/RHSA-2013-0217.html

External Source: SUSE

Name: openSUSE-SU-2011:0839

Hyperlink:http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html

External Source: APPLE

Name: APPLE-SA-2012-09-19-1

Hyperlink:http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

External Source: APPLE

Name: APPLE-SA-2012-05-09-1

Hyperlink:http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

External Source: HP

Name: SSRT100877

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

External Source: HP

Name: HPSBMU02786

Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041