Lucene search
Chris EvansEDB-ID:35810HistoryMay 31, 2011 - 12:00 a.m.
libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities
2011-05-3100:00:00
Chris Evans
www.exploit-db.com
18
source: https://www.securityfocus.com/bid/48056/info
The 'libxml2' library is prone to multiple memory-corruption vulnerabilities, including one that can trigger a heap-based buffer-overflow error and an integer-overflow condition.
An attacker can exploit these issues by enticing an unsuspecting user into opening a specially crafted XML file that contains a malicious XPath.
A successful attack can allow attacker-supplied code to run in the context of the application using the vulnerable library or can cause a denial-of-service condition.
//@*/preceding::node()/ancestor::node()/ancestor::foo['foo'] Related
nessus
nessus
Fedora 15 : libxml-1.8.17-27.fc15 (2011-7820)
2011-07-05 00:00:00
SuSE 10 Security Update : libxml2 (ZYPP Patch Number 7600)
2011-12-13 00:00:00
openvas
openvas
Mandriva Update for libxml MDVSA-2011:131 (libxml)
2011-09-07 00:00:00
Debian Security Advisory DSA 2255-1 (libxml2)
2011-08-03 00:00:00
Ubuntu Update for libxml2 USN-1153-1
2011-06-20 00:00:00
debiancve
debiancve
CVE-2011-1944
2011-09-02 16:55:03
prion
prion
Integer overflow
2011-09-02 16:55:00
Design/Logic Flaw
2015-01-21 15:28:00
ubuntu
ubuntu
libxml2 vulnerability
2011-06-16 00:00:00
securityvulns
securityvulns
[USN-1153-1] libxml2 vulnerability
2011-06-19 00:00:00
libxml2 memory corruption
2011-10-16 00:00:00
APPLE-SA-2012-09-24-1 Apple TV 5.1
2012-10-04 00:00:00
cve
cve
CVE-2011-1944
2011-09-02 16:55:03
CVE-2014-6571
2015-01-21 15:28:10
nvd
nvd
CVE-2011-1944
2011-09-02 16:55:03
CVE-2014-6571
2015-01-21 15:28:10
fedora
fedora
[SECURITY] Fedora 15 Update: libxml-1.8.17-27.fc15
2011-07-02 19:29:06
[SECURITY] Fedora 14 Update: libxml-1.8.17-27.fc14
2011-07-02 19:27:30
[SECURITY] Fedora 17 Update: libxml2-2.7.8-9.fc17
2012-09-26 08:56:06
freebsd
freebsd
libxml -- Integer overflow
2011-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2011-1944
2011-06-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:52:19
cvelist
cvelist
CVE-2011-1944
2011-09-02 16:00:00
CVE-2014-6571
2015-01-21 15:00:00
oraclelinux
oraclelinux
libxml2 security update
2013-02-28 00:00:00
libxml2 security and bug fix update
2011-12-14 00:00:00
libxml2 security update
2012-09-18 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2011-10-26 00:00:00
centos
centos
libxml2 security update
2012-01-11 19:19:14
mingw32 security update
2013-02-01 00:53:30
thn
thn
Oracle releases 169 Updates, Including 19 Patches for JAVA Vulnerabilities
2015-01-21 08:36:00
redhat
redhat
(RHSA-2011:1749) Low: libxml2 security and bug fix update
2011-12-06 00:00:00
(RHSA-2012:0017) Important: libxml2 security update
2012-01-11 00:00:00
(RHSA-2013:0217) Important: mingw32-libxml2 security update
2013-01-31 00:00:00
vmware
vmware
VMware ESXi update to third party library
2012-07-12 00:00:00
VMware ESX updates to ESX Service Console
2012-04-26 00:00:00
VMware ESXi update to third party library
2012-07-12 00:00:00
osv
osv
libxml2-2-2.9.4-1.22 on GA media
2024-06-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47