Информационная безопасность
[RU] switch to English


Повреждение памяти в libxml2
дополнено с 19 июня 2011 г.
Опубликовано:16 октября 2011 г.
Источник:
SecurityVulns ID:11744
Тип:библиотека
Уровень опасности:
5/10
Описание: Различные уязвимости относящиеся к обработке XPath
Затронутые продукты:LIBXML : libxml 2.7
CVE:CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.)
 CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.)
 CVE-2011-1944 (Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.)
Оригинальный текстdocumentUBUNTU, [USN-1153-1] libxml2 vulnerability (19.06.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород