PT-2012-1109 · Libxslt+4 · Libxslt+4

Publicado

2012-02-08

Atualizado

2024-06-15

CVE-2011-3970

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions libxslt versions prior to 1.1.26-r3 libxslt as used in Google Chrome versions prior to 17.0.963.46

Description The issue concerns multiple vulnerabilities in the libxslt package, which can be exploited remotely to cause a denial of service, potentially leading to disruption of protected information availability. The exploitation can be carried out via unspecified vectors, resulting in an out-of-bounds read.

Recommendations For libxslt versions prior to 1.1.26-r3, update to version 1.1.26-r3 or later to resolve the issue. For Google Chrome versions prior to 17.0.963.46, update to version 17.0.963.46 or later to address the vulnerability.

Exploit

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2015-09441

CESA-2012_1265

CVE-2011-3970

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

RHSA-2012:1265

RHSA-2012_1265

SUSE-SU-2012_0464-1

SUSE-SU-2012_0464-2

SUSE-SU-2013_1654-1

SUSE-SU-2013_1656-1

Produtos afetados

Centos

Google Chrome

Red Hat

Suse

Libxslt

PT-2012-1109 · Libxslt+4 · Libxslt+4

CVE-2011-3970

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2393