Lucene search

Veracode Vulnerability DatabaseVERACODE:7080

HistoryJul 17, 2018 - 10:26 a.m.

Denial Of Service (DoS)

2018-07-1710:26:43

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.048 Low

EPSS

Percentile

92.8%

JSON

libxslt.so is vulnerable to denial of service (DoS) attacks. The library does not properly handle namespace nodes, allowing a malicious user to pass a file to the application to cause an out-of-bounds memory heap-access that can crash the application or execute arbitrary code.

CPENameOperatorVersion
libxslt.sole1.1.28
libxslteq1.1.28
libxslt.sole1.1.28
libxslteq1.1.28

Name	Operator	Version
libxslt.so	le	1.1.28
libxslt	eq	1.1.28
libxslt.so	le	1.1.28
libxslt	eq	1.1.28

References

googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

www.debian.org/security/2016/dsa-3590

www.debian.org/security/2016/dsa-3605

www.securityfocus.com/bid/90876

www.securityfocus.com/bid/91826

www.securitytracker.com/id/1035981

www.ubuntu.com/usn/USN-2992-1

access.redhat.com/errata/RHSA-2016:1190

bugzilla.redhat.com/show_bug.cgi?id=1340016

crbug.com/583156

git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242

gitlab.gnome.org/GNOME/libxslt/commit/d182d8f6ba3071503d96ce17395c9d55871f0242

security.gentoo.org/glsa/201607-07

support.apple.com/HT206899

support.apple.com/HT206901

support.apple.com/HT206902

support.apple.com/HT206903

support.apple.com/HT206904

support.apple.com/HT206905

0.048 Low

EPSS

Percentile

92.8%

JSON

Related for VERACODE:7080