CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
googlechrome
𝑥
< 7.0.517.44
appleitunes
𝑥
< 10.2
applesafari
𝑥
< 5.0.4
appleiphone_os
𝑥
< 4.2
applemac_os_x
𝑥
< 10.6.7
xmlsoftlibxml2
𝑥
< 2.7.8
debiandebian_linux
5.0
debiandebian_linux
6.0
canonicalubuntu_linux
6.06
canonicalubuntu_linux
8.04
canonicalubuntu_linux
9.10
canonicalubuntu_linux
10.04
canonicalubuntu_linux
10.10
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server_eus
6.3
redhatenterprise_linux_workstation
6.0
opensuseopensuse
11.1
opensuseopensuse
11.2
opensuseopensuse
11.3
apacheopenoffice
2.0.0 ≤
𝑥
≤ 2.4.3
apacheopenoffice
3.0.0 ≤
𝑥
< 3.3.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxml2
bookworm
2.9.14+dfsg-1.3~deb12u1
fixed
bullseye
2.9.10+dfsg-6.7+deb11u4
fixed
bullseye (security)
2.9.10+dfsg-6.7+deb11u5
fixed
sid
2.12.7+dfsg+really2.9.14-0.1
fixed
trixie
2.12.7+dfsg+really2.9.14-0.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libxml2
dapper
Fixed 2.6.24.dfsg-1ubuntu1.6
released
hardy
Fixed 2.6.31.dfsg-2ubuntu1.5
released
karmic
Fixed 2.7.5.dfsg-1ubuntu1.2
released
lucid
Fixed 2.7.6.dfsg-1ubuntu1.1
released
maverick
Fixed 2.7.7.dfsg-4ubuntu0.1
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
libxml2
RHEL 6
0:2.7.6-4.el6
fixed
libxml2-devel
RHEL 6
0:2.7.6-4.el6
fixed
libxml2-python
RHEL 6
0:2.7.6-4.el6
fixed
libxml2-static
RHEL 6
0:2.7.6-4.el6
fixed
mingw32-libxml2
RHEL 6
0:2.7.6-6.el6_3
fixed
mingw32-libxml2-static
RHEL 6
0:2.7.6-6.el6_3
fixed
Common Weakness Enumeration
References
http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
http://code.google.com/p/chromium/issues/detail?id=58731
http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://mail.gnome.org/archives/xml/2010-November/msg00015.html
http://marc.info/?l=bugtraq&m=130331363227777&w=2
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://secunia.com/advisories/40775
http://secunia.com/advisories/42109
http://secunia.com/advisories/42175
http://secunia.com/advisories/42314
http://secunia.com/advisories/42429
http://support.apple.com/kb/HT4456
http://support.apple.com/kb/HT4554
http://support.apple.com/kb/HT4566
http://support.apple.com/kb/HT4581
http://www.debian.org/security/2010/dsa-2128
http://www.mandriva.com/security/advisories?name=MDVSA-2010:243
http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
http://www.redhat.com/support/errata/RHSA-2011-1749.html
http://www.securityfocus.com/bid/44779
http://www.ubuntu.com/usn/USN-1016-1
http://www.vupen.com/english/advisories/2010/3046
http://www.vupen.com/english/advisories/2010/3076
http://www.vupen.com/english/advisories/2010/3100
http://www.vupen.com/english/advisories/2011/0230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148
http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
http://code.google.com/p/chromium/issues/detail?id=58731
http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://mail.gnome.org/archives/xml/2010-November/msg00015.html
http://marc.info/?l=bugtraq&m=130331363227777&w=2
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://secunia.com/advisories/40775
http://secunia.com/advisories/42109
http://secunia.com/advisories/42175
http://secunia.com/advisories/42314
http://secunia.com/advisories/42429
http://support.apple.com/kb/HT4456
http://support.apple.com/kb/HT4554
http://support.apple.com/kb/HT4566
http://support.apple.com/kb/HT4581
http://www.debian.org/security/2010/dsa-2128
http://www.mandriva.com/security/advisories?name=MDVSA-2010:243
http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
http://www.redhat.com/support/errata/RHSA-2011-1749.html
http://www.securityfocus.com/bid/44779
http://www.ubuntu.com/usn/USN-1016-1
http://www.vupen.com/english/advisories/2010/3046
http://www.vupen.com/english/advisories/2010/3076
http://www.vupen.com/english/advisories/2010/3100
http://www.vupen.com/english/advisories/2011/0230
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148