Published: 13/12/2011 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

libxml2, as used in Google Chrome prior to 16.0.912.63, allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
debian debian linux 5.0
debian debian linux 7.0
debian debian linux 6.0
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux server eus 6.3

Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file ...

Debian Bug report logs - #652352 Two security issues Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Fri, 16 Dec 2011 14:54:01 UTC ...

Debian Bug report logs - #656377 libxml2: [PATCH] fix for CVE-2011-3919 Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon) Reported by: Jamie Strandboge <jamie@ubuntucom> Date: Wed, 18 Jan 2012 21:3 ...

Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerabi ...

Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerabi ...

Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix two security issues are now available forRed Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability ...

A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the ap ...

CWE-125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:188 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://code.google.com/p/chromium/issues/detail?id=95465 http://www.debian.org/security/2012/dsa-2394 https://usn.ubuntu.com/1334-1/https://nvd.nist.gov

CVE-2011-3905

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect