CVE-2011-1944

EUVD-2011-1941
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
xmlsoftlibxml2
2.6.0
xmlsoftlibxml2
2.6.1
xmlsoftlibxml2
2.6.2
xmlsoftlibxml2
2.6.3
xmlsoftlibxml2
2.6.4
xmlsoftlibxml2
2.6.5
xmlsoftlibxml2
2.6.6
xmlsoftlibxml2
2.6.7
xmlsoftlibxml2
2.6.8
xmlsoftlibxml2
2.6.9
xmlsoftlibxml2
2.6.11
xmlsoftlibxml2
2.6.12
xmlsoftlibxml2
2.6.13
xmlsoftlibxml2
2.6.14
xmlsoftlibxml2
2.6.16
xmlsoftlibxml2
2.6.17
xmlsoftlibxml2
2.6.18
xmlsoftlibxml2
2.6.20
xmlsoftlibxml2
2.6.22
xmlsoftlibxml2
2.6.26
xmlsoftlibxml2
2.6.27
xmlsoftlibxml2
2.6.30
xmlsoftlibxml2
2.6.32
xmlsoftlibxml2
2.7.0
xmlsoftlibxml2
2.7.1
xmlsoftlibxml2
2.7.2
xmlsoftlibxml2
2.7.3
xmlsoftlibxml2
2.7.4
xmlsoftlibxml2
2.7.5
xmlsoftlibxml2
2.7.6
xmlsoftlibxml2
2.7.7
xmlsoftlibxml2
2.7.8
xmlsoftlibxml
𝑥
≤ 1.8.16
xmlsoftlibxml
1.5.0
xmlsoftlibxml
1.6.0
xmlsoftlibxml
1.6.1
xmlsoftlibxml
1.6.2
xmlsoftlibxml
1.7.0
xmlsoftlibxml
1.7.1
xmlsoftlibxml
1.7.2
xmlsoftlibxml
1.7.3
xmlsoftlibxml
1.7.4
xmlsoftlibxml
1.8.0
xmlsoftlibxml
1.8.1
xmlsoftlibxml
1.8.2
xmlsoftlibxml
1.8.3
xmlsoftlibxml
1.8.4
xmlsoftlibxml
1.8.5
xmlsoftlibxml
1.8.6
xmlsoftlibxml
1.8.7
xmlsoftlibxml
1.8.8
xmlsoftlibxml
1.8.9
xmlsoftlibxml
1.8.10
xmlsoftlibxml
1.8.11
xmlsoftlibxml
1.8.12
xmlsoftlibxml
1.8.13
xmlsoftlibxml
1.8.14
xmlsoftlibxml
1.8.15
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxml2
bookworm
2.9.14+dfsg-1.3~deb12u1
fixed
bullseye
2.9.10+dfsg-6.7+deb11u4
fixed
bullseye (security)
2.9.10+dfsg-6.7+deb11u5
fixed
sid
2.12.7+dfsg+really2.9.14-0.1
fixed
trixie
2.12.7+dfsg+really2.9.14-0.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libxml2
hardy
Fixed 2.6.31.dfsg-2ubuntu1.6
released
lucid
Fixed 2.7.6.dfsg-1ubuntu1.2
released
maverick
Fixed 2.7.7.dfsg-4ubuntu0.2
released
natty
Fixed 2.7.8.dfsg-2ubuntu0.1
released
Common Weakness Enumeration
References
http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html
http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html
http://secunia.com/advisories/44711
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5503
http://ubuntu.com/usn/usn-1153-1
http://www.debian.org/security/2011/dsa-2255
http://www.mandriva.com/security/advisories?name=MDVSA-2011:131
http://www.openwall.com/lists/oss-security/2011/05/31/8
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.osvdb.org/73248
http://www.redhat.com/support/errata/RHSA-2011-1749.html
http://www.securityfocus.com/bid/48056
https://bugzilla.redhat.com/show_bug.cgi?id=709747
http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html
http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html
http://secunia.com/advisories/44711
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5503
http://ubuntu.com/usn/usn-1153-1
http://www.debian.org/security/2011/dsa-2255
http://www.mandriva.com/security/advisories?name=MDVSA-2011:131
http://www.openwall.com/lists/oss-security/2011/05/31/8
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.osvdb.org/73248
http://www.redhat.com/support/errata/RHSA-2011-1749.html
http://www.securityfocus.com/bid/48056
https://bugzilla.redhat.com/show_bug.cgi?id=709747