PT-2012-1109 · Libxslt+4 · Libxslt+4

Published

2012-02-08

Updated

2024-06-15

CVE-2011-3970

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions libxslt versions prior to 1.1.26-r3 libxslt as used in Google Chrome versions prior to 17.0.963.46

Description The issue concerns multiple vulnerabilities in the libxslt package, which can be exploited remotely to cause a denial of service, potentially leading to disruption of protected information availability. The exploitation can be carried out via unspecified vectors, resulting in an out-of-bounds read.

Recommendations For libxslt versions prior to 1.1.26-r3, update to version 1.1.26-r3 or later to resolve the issue. For Google Chrome versions prior to 17.0.963.46, update to version 17.0.963.46 or later to address the vulnerability.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2015-09441

CESA-2012_1265

CVE-2011-3970

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

RHSA-2012:1265

RHSA-2012_1265

SUSE-SU-2012_0464-1

SUSE-SU-2012_0464-2

SUSE-SU-2013_1654-1

SUSE-SU-2013_1656-1

Affected Products

Centos

Google Chrome

Red Hat

Suse

Libxslt

PT-2012-1109 · Libxslt+4 · Libxslt+4

CVE-2011-3970

Weakness Enumeration

Related Identifiers

Affected Products

References · 2393