libxml2 prior to 2.7.8, as used in Google Chrome prior to 7.0.517.44, Apple Safari 5.0.2 and previous versions, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent malicious users to cause a denial of service (application crash) via a crafted XML document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
apple itunes |
||
apple safari |
||
apple iphone os |
||
apple mac os x |
||
xmlsoft libxml2 |
||
debian debian linux 5.0 |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 10.10 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux server eus 6.3 |
||
redhat enterprise linux workstation 6.0 |
||
opensuse opensuse 11.1 |
||
opensuse opensuse 11.2 |
||
opensuse opensuse 11.3 |
||
suse suse linux enterprise server 10 |
||
suse suse linux enterprise server 11 |
||
apache openoffice |