Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2011-1944

Published: 02/09/2011 Updated: 17/06/2016
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Xmlsoft

Vulnerability Summary

Integer overflow in xpath.c in libxml2 2.6.x up to and including 2.6.32 and 2.7.x up to and including 2.7.8, and libxml 1.8.16 and previous versions, allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

Vulnerable Product Search on Vulmon Subscribe to Product

xmlsoft libxml2 2.6.26

xmlsoft libxml2 2.6.30

xmlsoft libxml2 2.6.5

xmlsoft libxml2 2.6.6

xmlsoft libxml2 2.6.13

xmlsoft libxml2 2.6.9

xmlsoft libxml2 2.6.22

xmlsoft libxml2 2.6.27

xmlsoft libxml2 2.6.11

xmlsoft libxml2 2.6.1

xmlsoft libxml2 2.6.0

xmlsoft libxml2 2.6.2

xmlsoft libxml2 2.6.12

xmlsoft libxml2 2.6.17

xmlsoft libxml2 2.6.16

xmlsoft libxml2 2.6.3

xmlsoft libxml2 2.6.4

xmlsoft libxml2 2.6.7

xmlsoft libxml2 2.6.8

xmlsoft libxml2 2.6.20

xmlsoft libxml2 2.6.18

xmlsoft libxml2 2.6.14

xmlsoft libxml2 2.6.32

xmlsoft libxml2 2.7.6

xmlsoft libxml2 2.7.3

xmlsoft libxml2 2.7.4

xmlsoft libxml2 2.7.7

xmlsoft libxml2 2.7.2

xmlsoft libxml2 2.7.1

xmlsoft libxml2 2.7.5

xmlsoft libxml2 2.7.0

xmlsoft libxml2 2.7.8

xmlsoft libxml 1.8.14

xmlsoft libxml 1.8.13

xmlsoft libxml 1.8.6

xmlsoft libxml 1.8.5

xmlsoft libxml 1.6.0

xmlsoft libxml 1.6.1

xmlsoft libxml

xmlsoft libxml 1.8.15

xmlsoft libxml 1.8.8

xmlsoft libxml 1.8.7

xmlsoft libxml 1.8.0

xmlsoft libxml 1.5.0

xmlsoft libxml 1.7.4

xmlsoft libxml 1.8.12

xmlsoft libxml 1.8.11

xmlsoft libxml 1.8.4

xmlsoft libxml 1.8.3

xmlsoft libxml 1.6.2

xmlsoft libxml 1.7.0

xmlsoft libxml 1.8.10

xmlsoft libxml 1.8.9

xmlsoft libxml 1.8.2

xmlsoft libxml 1.8.1

xmlsoft libxml 1.7.1

xmlsoft libxml 1.7.2

xmlsoft libxml 1.7.3

Vendor Advisories

Ubuntu Security Notice: libxml2 vulnerability
libxml2 could be made to crash or run programs as your login if it opened a specially crafted file ...
Red Hat: Important: libxml2 security update
Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerabi ...
Red Hat: Low: libxml2 security and bug fix update
Synopsis Low: libxml2 security and bug fix update Type/Severity Security Advisory: Low Topic Updated libxml2 packages that fix several security issues and various bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having lowsecurity impact Commo ...

Exploits

Exploit DB: libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities
source: wwwsecurityfocuscom/bid/48056/info The 'libxml2' library is prone to multiple memory-corruption vulnerabilities, including one that can trigger a heap-based buffer-overflow error and an integer-overflow condition An attacker can exploit these issues by enticing an unsuspecting user into opening a specially crafted XML file tha ...

References

CWE-189http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.htmlhttp://ubuntu.com/usn/usn-1153-1http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.htmlhttp://www.debian.org/security/2011/dsa-2255http://git.gnome.org/browse/libxml2/commit/?id=d7958b21e7f8c447a26bb2436f08402b2c308be4http://secunia.com/advisories/44711http://www.openwall.com/lists/oss-security/2011/05/31/8http://www.osvdb.org/73248http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.htmlhttp://www.securityfocus.com/bid/48056https://bugzilla.redhat.com/show_bug.cgi?id=709747http://www.mandriva.com/security/advisories?name=MDVSA-2011:131http://www.redhat.com/support/errata/RHSA-2011-1749.htmlhttp://support.apple.com/kb/HT5281http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041http://support.apple.com/kb/HT5503http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttps://usn.ubuntu.com/1153-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/35810/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook