CVE-2011-3970

Published: 09/02/2012 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 385
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

libxslt, as used in Google Chrome prior to 17.0.963.46, allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors.

Vulnerable Product

google chrome

xmlsoft libxslt

suse linux enterprise desktop 11

suse linux enterprise server 11

suse linux enterprise software development kit 11

suse linux enterprise server 10

Vendor Advisories

Synopsis: Important: libxslt security update. Type/Severity: Security Advisory: Important. Topic: Updated libxslt packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vul ...
Applications using libxslt could be made to crash or run programs as your login if they processed a specially crafted file ...
Debian Bug report logs - #679283 CVE-2012-2825. Package: libxslt; Maintainer for libxslt is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>; Date: Wed, 27 Jun 2012 15:21:09 UTC; Severity: grave; Tags: security; Fixed in versions libxslt/11 ...
Debian Bug report logs - #660650 CVE-2011-3970: Denial of Service. Package: libxslt; Maintainer for libxslt is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>; Date: Mon, 20 Feb 2012 16:24:02 UTC; Severity: important; Tags: security; Fixed ...
A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code ...