CVE-2012-2893

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
googlechrome
𝑥
≤ 22.0.1229.78
googlechrome
22.0.1229.0
googlechrome
22.0.1229.1
googlechrome
22.0.1229.2
googlechrome
22.0.1229.3
googlechrome
22.0.1229.4
googlechrome
22.0.1229.6
googlechrome
22.0.1229.7
googlechrome
22.0.1229.8
googlechrome
22.0.1229.9
googlechrome
22.0.1229.10
googlechrome
22.0.1229.11
googlechrome
22.0.1229.12
googlechrome
22.0.1229.14
googlechrome
22.0.1229.16
googlechrome
22.0.1229.17
googlechrome
22.0.1229.18
googlechrome
22.0.1229.20
googlechrome
22.0.1229.21
googlechrome
22.0.1229.22
googlechrome
22.0.1229.23
googlechrome
22.0.1229.24
googlechrome
22.0.1229.25
googlechrome
22.0.1229.26
googlechrome
22.0.1229.27
googlechrome
22.0.1229.28
googlechrome
22.0.1229.29
googlechrome
22.0.1229.31
googlechrome
22.0.1229.32
googlechrome
22.0.1229.33
googlechrome
22.0.1229.35
googlechrome
22.0.1229.36
googlechrome
22.0.1229.37
googlechrome
22.0.1229.39
googlechrome
22.0.1229.48
googlechrome
22.0.1229.49
googlechrome
22.0.1229.50
googlechrome
22.0.1229.51
googlechrome
22.0.1229.52
googlechrome
22.0.1229.53
googlechrome
22.0.1229.54
googlechrome
22.0.1229.55
googlechrome
22.0.1229.56
googlechrome
22.0.1229.57
googlechrome
22.0.1229.58
googlechrome
22.0.1229.59
googlechrome
22.0.1229.60
googlechrome
22.0.1229.62
googlechrome
22.0.1229.63
googlechrome
22.0.1229.64
googlechrome
22.0.1229.65
googlechrome
22.0.1229.67
googlechrome
22.0.1229.76
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxslt
bullseye (security)
1.1.34-4+deb11u1
fixed
bullseye
1.1.34-4+deb11u1
fixed
bookworm
1.1.35-1
fixed
sid
1.1.35-1.1
fixed
trixie
1.1.35-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
natty
ignored
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
hardy
dne
libxslt
quantal
not-affected
precise
Fixed 1.1.26-8ubuntu1.2
released
oneiric
Fixed 1.1.26-7ubuntu0.1
released
natty
Fixed 1.1.26-6ubuntu0.1
released
lucid
Fixed 1.1.26-1ubuntu1.1
released
hardy
Fixed 1.1.22-1ubuntu1.3
released
Common Weakness Enumeration
References
http://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556
http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
http://secunia.com/advisories/50838
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10919019
https://code.google.com/p/chromium/issues/detail?id=144799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714
https://src.chromium.org/viewvc/chrome?view=rev&revision=154331
http://git.chromium.org/gitweb/?p=chromium.git%3Ba=commit%3Bh=9a5da8e7d4b6f3454614b0331a51bf29c966f556
http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
http://secunia.com/advisories/50838
http://www.debian.org/security/2012/dsa-2555
http://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10919019
https://code.google.com/p/chromium/issues/detail?id=144799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15714
https://src.chromium.org/viewvc/chrome?view=rev&revision=154331