CVE-2017-5130

Published: 07/02/2018 Updated: 08/04/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

An integer overflow in xmlmemory.c in libxml2 prior to 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote malicious user to potentially exploit heap corruption via a crafted XML file.

Vulnerable Product

google chrome

debian debian linux 9.0

debian debian linux 8.0

xmlsoft libxml2

Vendor Advisories

Synopsis: Important: chromium-browser security update. Type/Severity: Security Advisory: Important. Topic: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability S ...
Debian Bug report logs - #880000 libxml2: CVE-2017-5130. Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 28 Oct 2017 08:03:04 UTC; Severity: important; Tags: patch, security, upstrea ...
Debian Bug report logs - #855001 CVE-2017-5969: libxml2: null pointer dereference when parsing a xml file using recover mode. Package: libxml2; Maintainer for libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>; Source for libxml2 is src:libxml2 (PTS, buildd, popcon); Reported by: Henri Salo <hen ...
A heap overflow security issue has been found in libxml2 ...