Vulnerabilities > CVE-2012-2807 - Numeric Errors vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Vulnerable Configurations

Part Description Count
Application
Google
2342
OS
Linux
1
OS
Apple
112

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1587-1.NASL
    descriptionJuri Aedla discovered that libxml2 incorrectly handled certain memory operations. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62366
    published2012-09-28
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62366
    titleUbuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxml2 vulnerability (USN-1587-1)
  • NASL familyMisc.
    NASL idVMWARE_ESX_VMSA-2013-0001_REMOTE.NASL
    descriptionThe remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - Authentication Service - bind - libxml2 - libxslt
    last seen2020-06-01
    modified2020-06-02
    plugin id89661
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89661
    titleVMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1559.NASL
    descriptionAccording to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations.In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. - Security Fixi1/4^esi1/4%0: - Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.i1/4^CVE-2012-2807i1/4%0 - A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.i1/4^CVE-2015-8035i1/4%0 - The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service i1/4^memory consumptioni1/4%0 via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.i1/4^CVE-2017-18258i1/4%0 - A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEvali1/4^i1/4%0 function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.i1/4^CVE-2018-14404i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2019-05-15
    plugin id125103
    published2019-05-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125103
    titleEulerOS Virtualization 3.0.1.0 : libxml2 (EulerOS-SA-2019-1559)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-13824.NASL
    descriptionlot of security bug fixes Lots of security patches Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-09-27
    plugin id62324
    published2012-09-27
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62324
    titleFedora 16 : libxml2-2.7.8-8.fc16 (2012-13824)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1325.NASL
    descriptionAn updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host. (CVE-2012-3515) This flaw did not affect the default use of Red Hat Enterprise Virtualization Hypervisor: it is not possible to add a device that uses a virtual console back-end via Red Hat Enterprise Virtualization Manager. To specify a virtual console back-end for a device and therefore be vulnerable to this issue, the device would have to be created another way, for example, by using a VDSM hook. Note that at this time hooks can only be used on Red Hat Enterprise Linux hosts, not Red Hat Enterprise Virtualization Hypervisor. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc
    last seen2020-06-01
    modified2020-06-02
    plugin id78935
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78935
    titleRHEL 6 : rhev-hypervisor6 (RHSA-2012:1325)
  • NASL familyWindows
    NASL idITUNES_11_1_4.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is older than 11.1.4. It is, therefore, potentially affected by several issues : - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the
    last seen2020-06-01
    modified2020-06-02
    plugin id72104
    published2014-01-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72104
    titleApple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2012-126.NASL
    descriptionA vulnerability was found and corrected in libxml2 : Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors (CVE-2012-2807). The updated packages have been patched to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id61975
    published2012-09-06
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/61975
    titleMandriva Linux Security Advisory : libxml2 (MDVSA-2012:126)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1324.NASL
    descriptionAn updated rhev-hypervisor5 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service. (CVE-2012-3412) Red Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting this issue. This updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2012-4244 (bind issue) CVE-2012-2319, CVE-2012-3430, and CVE-2012-3510 (kernel issues) CVE-2011-3102, CVE-2012-0841, and CVE-2012-2807 (libxml2 issues) Users of Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id78934
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78934
    titleRHEL 5 : rhev-hypervisor5 (RHSA-2012:1324)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_1_BUILD_1063671_REMOTE.NASL
    descriptionThe remote VMware ESXi 5.1 host is affected by the following security vulnerabilities : - An integer overflow condition exists in the glibc library in the __tzfile_read() function that allows a denial of service or arbitrary code execution. (CVE-2009-5029) - An error exists in the glibc library related to modified loaders and
    last seen2020-06-01
    modified2020-06-02
    plugin id70886
    published2013-11-13
    reporterThis script is (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70886
    titleESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120918_LIBXML2_ON_SL5_X.NASL
    descriptionThe libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen2020-03-18
    modified2012-09-19
    plugin id62197
    published2012-09-19
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62197
    titleScientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64 (20120918)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-501.NASL
    descriptionFixed an integer overflow in libxml2 which could lead to crashes or potential code execution.
    last seen2020-06-05
    modified2014-06-13
    plugin id74708
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74708
    titleopenSUSE Security Update : libxml2 (openSUSE-SU-2012:0975-1)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2013-056.NASL
    descriptionMultiple vulnerabilities was found and corrected in libxml2 : A heap-buffer overflow was found in the way libxml2 decoded certain XML entitites. A remote attacker could provide a specially crafted XML file, which once opened in an application linked against libxml would cause that application to crash, or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2012-5134). A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption (CVE-2013-0338). An Off-by-one error in libxml2 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors (CVE-2011-3102). Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors (CVE-2012-2807). The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id66070
    published2013-04-20
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/66070
    titleMandriva Linux Security Advisory : libxml2 (MDVSA-2013:056)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_LIBXML2-8235.NASL
    descriptionThis update fixes libxml2 integer overflows. (CVE-2012-2807)
    last seen2020-06-05
    modified2012-09-07
    plugin id62003
    published2012-09-07
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62003
    titleSuSE 10 Security Update : libxml2 (ZYPP Patch Number 8235)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2012-1288.NASL
    descriptionUpdated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62206
    published2012-09-20
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62206
    titleCentOS 5 / 6 : libxml2 (CESA-2012:1288)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_0_BUILD_1022489_REMOTE.NASL
    descriptionThe remote VMware ESXi 5.0 host is affected by the following vulnerabilities : - An off-by-one overflow condition exists in the xmlXPtrEvalXPtrPart() function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-3102) - Multiple integer overflow conditions exist due to improper validation of user-supplied input when handling overly long strings. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2012-2807) - A heap-based underflow condition exists in the bundled libxml2 library due to incorrect parsing of strings not containing an expected space. A remote attacker can exploit this, via a specially crafted XML document, to cause a denial of service condition or the execution of arbitrary code. (CVE-2012-5134) - A privilege escalation vulnerability exists due to improper handling of control code in the lgtosync.sys driver. A local attacker can exploit this escalate privileges on Windows-based 32-bit guest operating systems. (CVE-2013-3519)
    last seen2020-06-01
    modified2020-06-02
    plugin id70877
    published2013-11-13
    reporterThis script is (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/70877
    titleESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-13820.NASL
    descriptionLot of security fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-09-27
    plugin id62323
    published2012-09-27
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62323
    titleFedora 17 : libxml2-2.7.8-9.fc17 (2012-13820)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_LIBXSLT_20130716.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. (CVE-2012-2807)
    last seen2020-06-01
    modified2020-06-02
    plugin id80693
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80693
    titleOracle Solaris Third-Party Patch Update : libxslt (cve_2012_2807_numeric_errors)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2521.NASL
    descriptionJueri Aedla discovered several integer overflows in libxml, which could lead to the execution of arbitrary code or denial of service.
    last seen2020-03-17
    modified2012-08-06
    plugin id61415
    published2012-08-06
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61415
    titleDebian DSA-2521-1 : libxml2 - integer overflows
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2013-0001.NASL
    descriptiona. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue. b. Update to ESX/ESXi libxml2 userworld and service console The ESX/ESXi userworld libxml2 library has been updated to resolve multiple security issues. Also, the ESX service console libxml2 packages are updated to the following versions : libxml2-2.6.26-2.1.15.el5_8.5 libxml2-python-2.6.26-2.1.15.el5_8.5 These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-3102 and CVE-2012-2807 to these issues. c. Update to ESX service console bind packages The ESX service console bind packages are updated to the following versions : bind-libs-9.3.6-20.P1.el5_8.2 bind-utils-9.3.6-20.P1.el5_8.2 These updates fix a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-4244 to this issue. d. Update to ESX service console libxslt package The ESX service console libxslt package is updated to version libxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, and CVE-2012-2871 to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id64642
    published2013-02-16
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64642
    titleVMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-1288.NASL
    descriptionFrom Red Hat Security Advisory 2012:1288 : Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id68629
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68629
    titleOracle Linux 5 / 6 : libxml2 (ELSA-2012-1288)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2012-134.NASL
    descriptionMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102)
    last seen2020-06-01
    modified2020-06-02
    plugin id69624
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69624
    titleAmazon Linux AMI : libxml2 (ALAS-2012-134)
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_11_1_2_BANNER.NASL
    descriptionThe version of Apple iTunes on the remote host is prior to version 11.1.2. It is, therefore, affected by multiple vulnerabilities : - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2013-1024) - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in- the-middle attack while the application browses the
    last seen2020-06-01
    modified2020-06-02
    plugin id70589
    published2013-10-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70589
    titleApple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL familyWindows
    NASL idITUNES_11_1_2.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is older than 11.1.2. It is, therefore, potentially affected by several issues : - An uninitialized memory access issue exists in the handling of text tracks, which could lead to memory corruption and possibly arbitrary code execution. (CVE-2013-1024) - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the
    last seen2020-06-01
    modified2020-06-02
    plugin id70588
    published2013-10-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70588
    titleApple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2013-1627-1.NASL
    descriptionlibxml2 has been updated to fix the following security issue : - CVE-2013-0338: libxml2 allowed context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka
    last seen2020-06-05
    modified2015-05-20
    plugin id83599
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83599
    titleSUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)
  • NASL familyMisc.
    NASL idAPPLETV_6_0.NASL
    descriptionAccording to its banner, the remote Apple TV 2nd generation or later device is prior to 6.0. It is, therefore, reportedly affected by multiple vulnerabilities, the most serious issues of which could result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id70257
    published2013-10-01
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70257
    titleApple TV < 6.0 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1288.NASL
    descriptionUpdated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62195
    published2012-09-19
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62195
    titleRHEL 5 / 6 : libxml2 (RHSA-2012:1288)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-355.NASL
    description - Update Chromium to 22.0.1190 - Security Fixes (bnc#769181) : - CVE-2012-2815: Leak of iframe fragment id - CVE-2012-2816: Prevent sandboxed processes interfering with each other - CVE-2012-2817: Use-after-free in table section handling - CVE-2012-2818: Use-after-free in counter layout - CVE-2012-2819: Crash in texture handling - CVE-2012-2820: Out-of-bounds read in SVG filter handling - CVE-2012-2821: Autofill display problem - CVE-2012-2823: Use-after-free in SVG resource handling - CVE-2012-2826: Out-of-bounds read in texture conversion - CVE-2012-2829: Use-after-free in first-letter handling - CVE-2012-2830: Wild pointer in array value setting - CVE-2012-2831: Use-after-free in SVG reference handling - CVE-2012-2834: Integer overflow in Matroska container - CVE-2012-2825: Wild read in XSL handling - CVE-2012-2807: Integer overflows in libxml - Fix update-alternatives within the spec-file - Update v8 to 3.12.5.0 - Fixed Chromium issues: 115100, 129628, 131994, 132727, 132741, 132742, 133211 - Fixed V8 issues: 915, 1914, 2034, 2087, 2094, 2134, 2156, 2166, 2172, 2177, 2179, 2185 - Added --extra-code flag to mksnapshot to load JS code into the VM before creating the snapshot. - Support
    last seen2020-06-05
    modified2014-06-13
    plugin id74660
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74660
    titleopenSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0813-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBXML2-120718.NASL
    descriptionThis update fixes several libxml2 integer overflows which could have been used to crash libxml2 parsers or potentially execute code.
    last seen2020-06-05
    modified2013-01-25
    plugin id64205
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64205
    titleSuSE 11.1 Security Update : libxml2 (SAT Patch Number 6571)
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_11_1_4_BANNER.NASL
    descriptionThe version of Apple iTunes on the remote host is prior to version 11.1.4. It is, therefore, affected by multiple vulnerabilities : - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in- the-middle attack while the application browses the
    last seen2020-06-01
    modified2020-06-02
    plugin id72105
    published2014-01-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72105
    titleApple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)

Redhat

advisories
bugzilla
id835863
titleCVE-2012-2807 libxml2 (64-bit): Multiple integer overflows, leading to DoS or possibly other unspecified impact
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 5 is installed
      ovaloval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • commentlibxml2-devel is earlier than 0:2.6.26-2.1.15.el5_8.5
          ovaloval:com.redhat.rhsa:tst:20121288001
        • commentlibxml2-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080032009
      • AND
        • commentlibxml2 is earlier than 0:2.6.26-2.1.15.el5_8.5
          ovaloval:com.redhat.rhsa:tst:20121288003
        • commentlibxml2 is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080032013
      • AND
        • commentlibxml2-python is earlier than 0:2.6.26-2.1.15.el5_8.5
          ovaloval:com.redhat.rhsa:tst:20121288005
        • commentlibxml2-python is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080032011
  • AND
    • commentRed Hat Enterprise Linux 6 is installed
      ovaloval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • commentlibxml2-static is earlier than 0:2.7.6-8.el6_3.3
          ovaloval:com.redhat.rhsa:tst:20121288008
        • commentlibxml2-static is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20111749002
      • AND
        • commentlibxml2-devel is earlier than 0:2.7.6-8.el6_3.3
          ovaloval:com.redhat.rhsa:tst:20121288010
        • commentlibxml2-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20111749004
      • AND
        • commentlibxml2 is earlier than 0:2.7.6-8.el6_3.3
          ovaloval:com.redhat.rhsa:tst:20121288012
        • commentlibxml2 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20111749006
      • AND
        • commentlibxml2-python is earlier than 0:2.7.6-8.el6_3.3
          ovaloval:com.redhat.rhsa:tst:20121288014
        • commentlibxml2-python is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20111749008
rhsa
idRHSA-2012:1288
released2012-09-18
severityModerate
titleRHSA-2012:1288: libxml2 security update (Moderate)
rpms
  • libxml2-0:2.6.26-2.1.15.el5_8.5
  • libxml2-0:2.7.6-8.el6_3.3
  • libxml2-debuginfo-0:2.6.26-2.1.15.el5_8.5
  • libxml2-debuginfo-0:2.7.6-8.el6_3.3
  • libxml2-devel-0:2.6.26-2.1.15.el5_8.5
  • libxml2-devel-0:2.7.6-8.el6_3.3
  • libxml2-python-0:2.6.26-2.1.15.el5_8.5
  • libxml2-python-0:2.7.6-8.el6_3.3
  • libxml2-static-0:2.7.6-8.el6_3.3