6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.044 Low
EPSS
Percentile
92.4%
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libxml2 | <Β 2.8.0+dfsg1-7 | libxml2_2.8.0+dfsg1-7_all.deb |
Debian | 11 | all | libxml2 | <Β 2.8.0+dfsg1-7 | libxml2_2.8.0+dfsg1-7_all.deb |
Debian | 999 | all | libxml2 | <Β 2.8.0+dfsg1-7 | libxml2_2.8.0+dfsg1-7_all.deb |
Debian | 13 | all | libxml2 | <Β 2.8.0+dfsg1-7 | libxml2_2.8.0+dfsg1-7_all.deb |