CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
appleiphone_os
𝑥
≤ 6.1.4
appleiphone_os
1.0.0
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.1.0
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.0
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.1
appleiphone_os
2.1.1
appleiphone_os
2.2
appleiphone_os
2.2.1
appleiphone_os
3.0
appleiphone_os
3.0.1
appleiphone_os
3.1
appleiphone_os
3.1.2
appleiphone_os
3.1.3
appleiphone_os
3.2
appleiphone_os
3.2.1
appleiphone_os
3.2.2
appleiphone_os
4.0
appleiphone_os
4.0.1
appleiphone_os
4.0.2
appleiphone_os
4.1
appleiphone_os
4.2.1
appleiphone_os
4.2.5
appleiphone_os
4.2.8
appleiphone_os
4.3.0
appleiphone_os
4.3.1
appleiphone_os
4.3.2
appleiphone_os
4.3.3
appleiphone_os
4.3.5
appleiphone_os
5.0
appleiphone_os
5.0.1
appleiphone_os
5.1
appleiphone_os
5.1.1
appleiphone_os
6.0
appleiphone_os
6.0.1
appleiphone_os
6.0.2
appleiphone_os
6.1
appleiphone_os
6.1.2
appleiphone_os
6.1.3
googlechrome
𝑥
≤ 21.0.1180.88
googlechrome
21.0.1180.0
googlechrome
21.0.1180.1
googlechrome
21.0.1180.2
googlechrome
21.0.1180.31
googlechrome
21.0.1180.32
googlechrome
21.0.1180.33
googlechrome
21.0.1180.34
googlechrome
21.0.1180.35
googlechrome
21.0.1180.36
googlechrome
21.0.1180.37
googlechrome
21.0.1180.38
googlechrome
21.0.1180.39
googlechrome
21.0.1180.41
googlechrome
21.0.1180.46
googlechrome
21.0.1180.47
googlechrome
21.0.1180.48
googlechrome
21.0.1180.49
googlechrome
21.0.1180.50
googlechrome
21.0.1180.51
googlechrome
21.0.1180.52
googlechrome
21.0.1180.53
googlechrome
21.0.1180.54
googlechrome
21.0.1180.55
googlechrome
21.0.1180.56
googlechrome
21.0.1180.57
googlechrome
21.0.1180.59
googlechrome
21.0.1180.60
googlechrome
21.0.1180.61
googlechrome
21.0.1180.62
googlechrome
21.0.1180.63
googlechrome
21.0.1180.64
googlechrome
21.0.1180.68
googlechrome
21.0.1180.69
googlechrome
21.0.1180.70
googlechrome
21.0.1180.71
googlechrome
21.0.1180.72
googlechrome
21.0.1180.73
googlechrome
21.0.1180.74
googlechrome
21.0.1180.75
googlechrome
21.0.1180.76
googlechrome
21.0.1180.77
googlechrome
21.0.1180.78
googlechrome
21.0.1180.79
googlechrome
21.0.1180.80
googlechrome
21.0.1180.81
googlechrome
21.0.1180.82
googlechrome
21.0.1180.83
googlechrome
21.0.1180.84
googlechrome
21.0.1180.85
googlechrome
21.0.1180.86
googlechrome
21.0.1180.87
xmlsoftlibxml2
𝑥
≤ 2.9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxslt
bullseye (security)
1.1.34-4+deb11u1
fixed
bullseye
1.1.34-4+deb11u1
fixed
bookworm
1.1.35-1
fixed
sid
1.1.35-1.1
fixed
trixie
1.1.35-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
natty
ignored
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
hardy
dne
libxslt
quantal
not-affected
precise
Fixed 1.1.26-8ubuntu1.2
released
oneiric
Fixed 1.1.26-7ubuntu0.1
released
natty
Fixed 1.1.26-6ubuntu0.1
released
lucid
Fixed 1.1.26-1ubuntu1.1
released
hardy
Fixed 1.1.22-1ubuntu1.3
released
References
http://code.google.com/p/chromium/issues/detail?id=138673
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
http://secunia.com/advisories/50838
http://secunia.com/advisories/54886
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?view=log
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10824157
https://exchange.xforce.ibmcloud.com/vulnerabilities/78179
http://code.google.com/p/chromium/issues/detail?id=138673
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
http://secunia.com/advisories/50838
http://secunia.com/advisories/54886
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930
http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src/include/libxml/tree.h?view=log
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10824157
https://exchange.xforce.ibmcloud.com/vulnerabilities/78179