Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2011-1425

Published: 04/04/2011 Updated: 17/08/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 515
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Aleksey

Vulnerability Summary

xslt.c in XML Security Library (aka xmlsec) prior to 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote malicious users to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

Vulnerable Product Search on Vulmon Subscribe to Product

aleksey xml security library

aleksey xml security library 1.2.7

aleksey xml security library 1.2.6

aleksey xml security library 1.1.2

aleksey xml security library 1.1.1

aleksey xml security library 1.0.0

aleksey xml security library 0.1.1

aleksey xml security library 0.0.9

aleksey xml security library 0.0.8

aleksey xml security library 0.0.2

aleksey xml security library 0.0.1

aleksey xml security library 1.2.13

aleksey xml security library 1.2.11

aleksey xml security library 1.2.10

aleksey xml security library 1.2.3

aleksey xml security library 1.2.2

aleksey xml security library 1.0.3

aleksey xml security library 1.0.2

aleksey xml security library 0.0.13

aleksey xml security library 0.0.12

aleksey xml security library 0.0.5

aleksey xml security library 0.0.4

aleksey xml security library 1.2.15

aleksey xml security library 1.2.14

aleksey xml security library 1.2.5

aleksey xml security library 1.2.4

aleksey xml security library 1.1.0

aleksey xml security library 1.0.4

aleksey xml security library 0.1.0

aleksey xml security library 0.0.15

aleksey xml security library 0.0.14

aleksey xml security library 0.0.7

aleksey xml security library 0.0.6

apple webkit

aleksey xml security library 1.2.9

aleksey xml security library 1.2.8

aleksey xml security library 1.2.1

aleksey xml security library 1.2.0

aleksey xml security library 1.0.1

aleksey xml security library 0.0.11

aleksey xml security library 0.0.10

aleksey xml security library 0.0.3

aleksey xml security library 0.0.2a

Vendor Advisories

Debian CVElist Bug Report Logs: xmlsec security issue: arbitrary file overwriting CVE-2011-1425
Debian Bug report logs - #620560 xmlsec security issue: arbitrary file overwriting CVE-2011-1425 Package: xmlsec1; Maintainer for xmlsec1 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for xmlsec1 is src:xmlsec1 (PTS, buildd, popcon) Reported by: Thijs Kinkhorst <thijs@debianorg> Dat ...
Debian Security Advisories: DSA-2219-1 xmlsec1 -- arbitrary file overwrite
Nicolas Gregoire discovered that the XML Security Library xmlsec allowed remote attackers to create or overwrite arbitrary files through specially crafted XML files using the libxslt output extension and a ds:Transform element during signature verification For the oldstable distribution (lenny), this problem has been fixed in version 129-5+lenny ...

Exploits

Exploit DB: Apple Safari Webkit - libxslt Arbitrary File Creation (Metasploit)
## # $Id: safari_xslt_outputrb 13987 2011-10-18 07:39:50Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' c ...

References

CWE-264http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780http://www.aleksey.com/pipermail/xmlsec/2011/009120.htmlhttp://secunia.com/advisories/43920https://bugs.webkit.org/show_bug.cgi?id=52688http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fahttp://trac.webkit.org/changeset/79159https://bugzilla.redhat.com/show_bug.cgi?id=692133http://www.debian.org/security/2011/dsa-2219http://secunia.com/advisories/44167http://www.vupen.com/english/advisories/2011/1010http://secunia.com/advisories/44423http://www.redhat.com/support/errata/RHSA-2011-0486.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:063http://www.vupen.com/english/advisories/2011/1172http://www.securitytracker.com/id?1025284http://www.vupen.com/english/advisories/2011/0855http://www.vupen.com/english/advisories/2011/0858http://www.securityfocus.com/bid/47135https://exchange.xforce.ibmcloud.com/vulnerabilities/66506https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620560https://nvd.nist.govhttps://www.exploit-db.com/exploits/17993/https://www.debian.org/security/./dsa-2219
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook