Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2011-3102

Published: 16/05/2012 Updated: 29/12/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Off-by-one error in libxml2, as used in Google Chrome prior to 19.0.1084.46 and other products, allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

apple iphone os 1.0.0

apple iphone os 1.0.1

apple iphone os 2.0

apple iphone os 2.0.0

apple iphone os 3.0

apple iphone os 3.0.1

apple iphone os 4.0

apple iphone os 4.0.1

apple iphone os 4.3.2

apple iphone os 4.3.3

apple iphone os 6.0.1

apple iphone os 6.0.2

apple iphone os 1.1.1

apple iphone os 1.1.2

apple iphone os 1.1.3

apple iphone os 2.1

apple iphone os 2.1.1

apple iphone os 3.1.3

apple iphone os 3.2

apple iphone os 4.2.5

apple iphone os 4.2.8

apple iphone os 5.0.1

apple iphone os 5.1

apple iphone os 6.1.3

apple iphone os

apple iphone os 1.1.4

apple iphone os 1.1.5

apple iphone os 2.2

apple iphone os 2.2.1

apple iphone os 3.2.1

apple iphone os 1.0.2

apple iphone os 1.1.0

apple iphone os 2.0.1

apple iphone os 2.0.2

apple iphone os 3.1

apple iphone os 3.1.2

apple iphone os 4.0.2

apple iphone os 4.1

apple iphone os 4.2.1

apple iphone os 4.3.5

apple iphone os 5.0

apple iphone os 6.1

apple iphone os 6.1.2

apple iphone os 3.2.2

apple iphone os 4.3.0

apple iphone os 4.3.1

apple iphone os 5.1.1

apple iphone os 6.0

Vendor Advisories

Red Hat: Moderate: libxml2 security update
Synopsis Moderate: libxml2 security update Type/Severity Security Advisory: Moderate Topic Updated libxml2 packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulne ...
Debian CVElist Bug Report Logs: CVE-2011-3102
Debian Bug report logs - #674191 CVE-2011-3102 Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 23 May 2012 17:33:02 UTC Severity: grave ...
Ubuntu Security Notice: libxml2 vulnerability
Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file ...
Debian Security Advisories: DSA-2479-1 libxml2 -- off-by-one
Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code For the stable distribution (squeeze), this problem has been fixed in version 278dfsg-2+squeeze4 For the unstable distribution (sid), this problem has been fixed in version 278dfsg-91 We recommend that you upgrade your libxml2 packages ...
Amazon Linux AMI: ALAS-2012-134
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary ...

References

CWE-189http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.htmlhttp://code.google.com/p/chromium/issues/detail?id=125462http://www.securityfocus.com/bid/53540http://www.mandriva.com/security/advisories?name=MDVSA-2012:098http://secunia.com/advisories/49243http://www.securitytracker.com/id?1027067http://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://secunia.com/advisories/50658http://www.mandriva.com/security/advisories?name=MDVSA-2013:056http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttp://support.apple.com/kb/HT5934http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlhttp://secunia.com/advisories/54886http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlhttp://secunia.com/advisories/55568http://support.apple.com/kb/HT6001https://exchange.xforce.ibmcloud.com/vulnerabilities/75607https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.htmlhttp://www.debian.org/security/2012/dsa-2479http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.htmlhttps://access.redhat.com/errata/RHSA-2012:1288https://usn.ubuntu.com/1447-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook