Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2011-3919

Published: 07/01/2012 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Heap-based buffer overflow in libxml2, as used in Google Chrome prior to 16.0.912.75, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

apple iphone os

apple mac os x

suse linux enterprise server 10

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux server eus 6.3

debian debian linux 5.0

debian debian linux 7.0

debian debian linux 6.0

Vendor Advisories

Ubuntu Security Notice: libxml2 vulnerabilities
Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file ...
Debian CVElist Bug Report Logs: Two security issues
Debian Bug report logs - #652352 Two security issues Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Fri, 16 Dec 2011 14:54:01 UTC ...
Debian CVElist Bug Report Logs: libxml2: [PATCH] fix for CVE-2011-3919
Debian Bug report logs - #656377 libxml2: [PATCH] fix for CVE-2011-3919 Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon) Reported by: Jamie Strandboge <jamie@ubuntucom> Date: Wed, 18 Jan 2012 21:3 ...
Red Hat: Important: libxml2 security update
Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerabi ...
Red Hat: Important: libxml2 security update
Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerabi ...
Red Hat: Important: libxml2 security update
Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix one security issue are now available forRed Hat Enterprise Linux 56 Extended Update SupportThe Red Hat Security Response Team has rated this update as havingimportant security imp ...
Red Hat: Important: libxml2 security update
Synopsis Important: libxml2 security update Type/Severity Security Advisory: Important Topic Updated libxml2 packages that fix two security issues are now available forRed Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability ...
Amazon Linux AMI: ALAS-2012-036
A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the ap ...

References

CWE-787http://www.securityfocus.com/bid/51300https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://support.apple.com/kb/HT5503http://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://googlechromereleases.blogspot.com/2012/01/stable-channel-update.htmlhttp://code.google.com/p/chromium/issues/detail?id=107128http://secunia.com/advisories/55568http://www.mandriva.com/security/advisories?name=MDVSA-2012:005http://www.securitytracker.com/id?1026487http://secunia.com/advisories/47449http://support.apple.com/kb/HT5281http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://www.debian.org/security/2012/dsa-2394https://usn.ubuntu.com/1334-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook