Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-2871

Опубликовано: 31 авг. 2012
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

Комментарий

Per: http://cwe.mitre.org/data/definitions/704.html

'CWE-704: Incorrect Type Conversion or Cast'

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Версия до 6.1.4 (включая)
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 21.0.1180.88 (включая)
cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:*:rc1:*:*:*:*:*:*
Версия до 2.9.0 (включая)

EPSS

Процентиль: 68%
0.00601
Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2012-2871

ubuntu
почти 13 лет назад

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

redhat логотип

CVE-2012-2871

redhat
почти 13 лет назад

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

debian логотип

CVE-2012-2871

debian
почти 13 лет назад

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.11 ...

github логотип

GHSA-259f-5jp2-pgmr

github
около 3 лет назад

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

fstec логотип

BDU:2015-02885

fstec
почти 13 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 68%
0.00601
Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other