CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
appleiphone_os
𝑥
≤ 6.1.4
appleiphone_os
1.0.0
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.1.0
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.0
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.1
appleiphone_os
2.1.1
appleiphone_os
2.2
appleiphone_os
2.2.1
appleiphone_os
3.0
appleiphone_os
3.0.1
appleiphone_os
3.1
appleiphone_os
3.1.2
appleiphone_os
3.1.3
appleiphone_os
3.2
appleiphone_os
3.2.1
appleiphone_os
3.2.2
appleiphone_os
4.0
appleiphone_os
4.0.1
appleiphone_os
4.0.2
appleiphone_os
4.1
appleiphone_os
4.2.1
appleiphone_os
4.2.5
appleiphone_os
4.2.8
appleiphone_os
4.3.0
appleiphone_os
4.3.1
appleiphone_os
4.3.2
appleiphone_os
4.3.3
appleiphone_os
4.3.5
appleiphone_os
5.0
appleiphone_os
5.0.1
appleiphone_os
5.1
appleiphone_os
5.1.1
appleiphone_os
6.0
appleiphone_os
6.0.1
appleiphone_os
6.0.2
appleiphone_os
6.1
appleiphone_os
6.1.2
appleiphone_os
6.1.3
googlechrome
𝑥
≤ 21.0.1180.88
googlechrome
21.0.1180.0
googlechrome
21.0.1180.1
googlechrome
21.0.1180.2
googlechrome
21.0.1180.31
googlechrome
21.0.1180.32
googlechrome
21.0.1180.33
googlechrome
21.0.1180.34
googlechrome
21.0.1180.35
googlechrome
21.0.1180.36
googlechrome
21.0.1180.37
googlechrome
21.0.1180.38
googlechrome
21.0.1180.39
googlechrome
21.0.1180.41
googlechrome
21.0.1180.46
googlechrome
21.0.1180.47
googlechrome
21.0.1180.48
googlechrome
21.0.1180.49
googlechrome
21.0.1180.50
googlechrome
21.0.1180.51
googlechrome
21.0.1180.52
googlechrome
21.0.1180.53
googlechrome
21.0.1180.54
googlechrome
21.0.1180.55
googlechrome
21.0.1180.56
googlechrome
21.0.1180.57
googlechrome
21.0.1180.59
googlechrome
21.0.1180.60
googlechrome
21.0.1180.61
googlechrome
21.0.1180.62
googlechrome
21.0.1180.63
googlechrome
21.0.1180.64
googlechrome
21.0.1180.68
googlechrome
21.0.1180.69
googlechrome
21.0.1180.70
googlechrome
21.0.1180.71
googlechrome
21.0.1180.72
googlechrome
21.0.1180.73
googlechrome
21.0.1180.74
googlechrome
21.0.1180.75
googlechrome
21.0.1180.76
googlechrome
21.0.1180.77
googlechrome
21.0.1180.78
googlechrome
21.0.1180.79
googlechrome
21.0.1180.80
googlechrome
21.0.1180.81
googlechrome
21.0.1180.82
googlechrome
21.0.1180.83
googlechrome
21.0.1180.84
googlechrome
21.0.1180.85
googlechrome
21.0.1180.86
googlechrome
21.0.1180.87
xmlsoftlibxslt
𝑥
≤ 1.1.26
xmlsoftlibxslt
1.1.8
xmlsoftlibxslt
1.1.9
xmlsoftlibxslt
1.1.10
xmlsoftlibxslt
1.1.11
xmlsoftlibxslt
1.1.12
xmlsoftlibxslt
1.1.13
xmlsoftlibxslt
1.1.14
xmlsoftlibxslt
1.1.15
xmlsoftlibxslt
1.1.16
xmlsoftlibxslt
1.1.17
xmlsoftlibxslt
1.1.18
xmlsoftlibxslt
1.1.19
xmlsoftlibxslt
1.1.20
xmlsoftlibxslt
1.1.21
xmlsoftlibxslt
1.1.22
xmlsoftlibxslt
1.1.23
xmlsoftlibxslt
1.1.24
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxslt
bullseye (security)
1.1.34-4+deb11u1
fixed
bullseye
1.1.34-4+deb11u1
fixed
bookworm
1.1.35-1
fixed
sid
1.1.35-1.1
fixed
trixie
1.1.35-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
natty
ignored
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
hardy
dne
libxslt
quantal
not-affected
precise
Fixed 1.1.26-8ubuntu1.2
released
oneiric
Fixed 1.1.26-7ubuntu0.1
released
natty
Fixed 1.1.26-6ubuntu0.1
released
lucid
Fixed 1.1.26-1ubuntu1.1
released
hardy
Fixed 1.1.22-1ubuntu1.3
released
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=138672
http://code.google.com/p/chromium/issues/detail?id=140368
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
http://secunia.com/advisories/50838
http://secunia.com/advisories/54886
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10823168
https://chromiumcodereview.appspot.com/10830177
http://code.google.com/p/chromium/issues/detail?id=138672
http://code.google.com/p/chromium/issues/detail?id=140368
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
http://secunia.com/advisories/50838
http://secunia.com/advisories/54886
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10823168
https://chromiumcodereview.appspot.com/10830177