7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.4%
Double free vulnerability in libxml2, as used in Google Chrome before
13.0.782.215, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via a crafted XPath expression.
Author | Note |
---|---|
mdeslaur | debian says it’s http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6 |
jdstrand | patch too risky for Ubuntu 8.04 LTS |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.04.2 | UNKNOWN |
ubuntu | 10.10 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | libxml2 | < 2.7.6.dfsg-1ubuntu1.3 | UNKNOWN |
ubuntu | 10.10 | noarch | libxml2 | < 2.7.7.dfsg-4ubuntu0.3 | UNKNOWN |
ubuntu | 11.04 | noarch | libxml2 | < 2.7.8.dfsg-2ubuntu0.2 | UNKNOWN |
ubuntu | 11.10 | noarch | libxml2 | < 2.7.8.dfsg-4ubuntu0.1 | UNKNOWN |