CVE-2011-1425

EUVD-2011-1430
xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.1 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
alekseyxml_security_library
𝑥
≤ 1.2.16
alekseyxml_security_library
0.0.1
alekseyxml_security_library
0.0.2
alekseyxml_security_library
0.0.2a:a
alekseyxml_security_library
0.0.3
alekseyxml_security_library
0.0.4
alekseyxml_security_library
0.0.5
alekseyxml_security_library
0.0.6
alekseyxml_security_library
0.0.7
alekseyxml_security_library
0.0.8
alekseyxml_security_library
0.0.9
alekseyxml_security_library
0.0.10
alekseyxml_security_library
0.0.11
alekseyxml_security_library
0.0.12
alekseyxml_security_library
0.0.13
alekseyxml_security_library
0.0.14
alekseyxml_security_library
0.0.15
alekseyxml_security_library
0.1.0
alekseyxml_security_library
0.1.1
alekseyxml_security_library
1.0.0
alekseyxml_security_library
1.0.0:rc1
alekseyxml_security_library
1.0.1
alekseyxml_security_library
1.0.2
alekseyxml_security_library
1.0.3
alekseyxml_security_library
1.0.4
alekseyxml_security_library
1.1.0
alekseyxml_security_library
1.1.1
alekseyxml_security_library
1.1.2
alekseyxml_security_library
1.2.0
alekseyxml_security_library
1.2.1
alekseyxml_security_library
1.2.2
alekseyxml_security_library
1.2.3
alekseyxml_security_library
1.2.4
alekseyxml_security_library
1.2.5
alekseyxml_security_library
1.2.6
alekseyxml_security_library
1.2.7
alekseyxml_security_library
1.2.8
alekseyxml_security_library
1.2.9
alekseyxml_security_library
1.2.10
alekseyxml_security_library
1.2.11
alekseyxml_security_library
1.2.13
alekseyxml_security_library
1.2.14
alekseyxml_security_library
1.2.15
applewebkit
*
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xmlsec1
bookworm
1.2.37-2
fixed
bullseye
1.2.31-1
fixed
sid
1.2.41-1
fixed
trixie
1.2.41-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xmlsec1
dapper
ignored
hardy
ignored
karmic
ignored
lucid
ignored
maverick
Fixed 1.2.14-1+squeeze1build0.10.10.1
released
natty
Fixed 1.2.14-1+squeeze1build0.11.04.1
released
oneiric
not-affected
precise
not-affected
quantal
not-affected
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780
http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa
http://secunia.com/advisories/43920
http://secunia.com/advisories/44167
http://secunia.com/advisories/44423
http://trac.webkit.org/changeset/79159
http://www.aleksey.com/pipermail/xmlsec/2011/009120.html
http://www.debian.org/security/2011/dsa-2219
http://www.mandriva.com/security/advisories?name=MDVSA-2011:063
http://www.redhat.com/support/errata/RHSA-2011-0486.html
http://www.securityfocus.com/bid/47135
http://www.securitytracker.com/id?1025284
http://www.vupen.com/english/advisories/2011/0855
http://www.vupen.com/english/advisories/2011/0858
http://www.vupen.com/english/advisories/2011/1010
http://www.vupen.com/english/advisories/2011/1172
https://bugs.webkit.org/show_bug.cgi?id=52688
https://bugzilla.redhat.com/show_bug.cgi?id=692133
https://exchange.xforce.ibmcloud.com/vulnerabilities/66506
http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780
http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa
http://secunia.com/advisories/43920
http://secunia.com/advisories/44167
http://secunia.com/advisories/44423
http://trac.webkit.org/changeset/79159
http://www.aleksey.com/pipermail/xmlsec/2011/009120.html
http://www.debian.org/security/2011/dsa-2219
http://www.mandriva.com/security/advisories?name=MDVSA-2011:063
http://www.redhat.com/support/errata/RHSA-2011-0486.html
http://www.securityfocus.com/bid/47135
http://www.securitytracker.com/id?1025284
http://www.vupen.com/english/advisories/2011/0855
http://www.vupen.com/english/advisories/2011/0858
http://www.vupen.com/english/advisories/2011/1010
http://www.vupen.com/english/advisories/2011/1172
https://bugs.webkit.org/show_bug.cgi?id=52688
https://bugzilla.redhat.com/show_bug.cgi?id=692133
https://exchange.xforce.ibmcloud.com/vulnerabilities/66506