CVE-2013-1969

Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
xmlsoftlibxml2
2.9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libxml2
bookworm
2.9.14+dfsg-1.3~deb12u1
fixed
bullseye
2.9.10+dfsg-6.7+deb11u4
fixed
bullseye (security)
2.9.10+dfsg-6.7+deb11u5
fixed
sid
2.12.7+dfsg+really2.9.14-0.1
fixed
trixie
2.12.7+dfsg+really2.9.14-0.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libxml2
hardy
not-affected
lucid
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
raring
Fixed 2.9.0+dfsg1-4ubuntu4.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libxml2-2
suse enterprise desktop 15
2.9.7-1.30
fixed
suse enterprise desktop 15 SP1
2.9.7-3.6.1
fixed
suse enterprise sap 12 SP5
2.9.4-46.20.1
fixed
suse enterprise sap 15
2.9.7-1.30
fixed
suse enterprise sap 15 SP1
2.9.7-3.6.1
fixed
suse enterprise server 12 SP5
2.9.4-46.20.1
fixed
suse enterprise server 15
2.9.7-1.30
fixed
suse enterprise server 15 SP1
2.9.7-3.6.1
fixed
libxml2-2-32bit
suse enterprise desktop 15
2.9.7-1.30
fixed
suse enterprise desktop 15 SP1
2.9.7-3.6.1
fixed
suse enterprise sap 12 SP5
2.9.4-46.20.1
fixed
suse enterprise sap 15
2.9.7-1.30
fixed
suse enterprise sap 15 SP1
2.9.7-3.6.1
fixed
suse enterprise server 12 SP5
2.9.4-46.20.1
fixed
suse enterprise server 15
2.9.7-1.30
fixed
suse enterprise server 15 SP1
2.9.7-3.6.1
fixed
libxml2-devel
suse enterprise desktop 15
2.9.7-1.30
fixed
suse enterprise desktop 15 SP1
2.9.7-3.6.1
fixed
suse enterprise sap 15
2.9.7-1.30
fixed
suse enterprise sap 15 SP1
2.9.7-3.6.1
fixed
suse enterprise server 15
2.9.7-1.30
fixed
suse enterprise server 15 SP1
2.9.7-3.6.1
fixed
libxml2-doc
suse enterprise sap 12 SP5
2.9.4-46.20.1
fixed
suse enterprise server 12 SP5
2.9.4-46.20.1
fixed
libxml2-tools
suse enterprise desktop 15
2.9.7-1.30
fixed
suse enterprise desktop 15 SP1
2.9.7-3.6.1
fixed
suse enterprise sap 12 SP5
2.9.4-46.20.1
fixed
suse enterprise sap 15
2.9.7-1.30
fixed
suse enterprise sap 15 SP1
2.9.7-3.6.1
fixed
suse enterprise server 12 SP5
2.9.4-46.20.1
fixed
suse enterprise server 15
2.9.7-1.30
fixed
suse enterprise server 15 SP1
2.9.7-3.6.1
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2013-04/msg00109.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00081.html
http://secunia.com/advisories/53061
http://www.openwall.com/lists/oss-security/2013/04/17/4
http://www.openwall.com/lists/oss-security/2013/04/19/1
http://www.ubuntu.com/usn/USN-1817-1
https://bugzilla.gnome.org/show_bug.cgi?id=690202
https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
http://lists.opensuse.org/opensuse-updates/2013-04/msg00109.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00081.html
http://secunia.com/advisories/53061
http://www.openwall.com/lists/oss-security/2013/04/17/4
http://www.openwall.com/lists/oss-security/2013/04/19/1
http://www.ubuntu.com/usn/USN-1817-1
https://bugzilla.gnome.org/show_bug.cgi?id=690202
https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f