Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 up to and including 1.1.24 allow context-dependent malicious users to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmlsoft libxslt 1.1.10 |
||
xmlsoft libxslt 1.1.11 |
||
xmlsoft libxslt 1.1.19 |
||
xmlsoft libxslt 1.1.20 |
||
xmlsoft libxslt 1.1.14 |
||
xmlsoft libxslt 1.1.15 |
||
xmlsoft libxslt 1.1.16 |
||
xmlsoft libxslt 1.1.23 |
||
xmlsoft libxslt 1.1.24 |
||
xmlsoft libxslt 1.1.12 |
||
xmlsoft libxslt 1.1.13 |
||
xmlsoft libxslt 1.1.21 |
||
xmlsoft libxslt 1.1.22 |
||
xmlsoft libxslt 1.1.17 |
||
xmlsoft libxslt 1.1.18 |
||
xmlsoft libxslt 1.1.8 |
||
xmlsoft libxslt 1.1.9 |