Описание
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.15-1ubuntu1.2 |
| devel | not-affected | 1.1.24-1ubuntu1 |
| feisty | released | 1.1.20-0ubuntu2.2 |
| gutsy | released | 1.1.21-2ubuntu2.2 |
| hardy | released | 1.1.22-1ubuntu1.2 |
| upstream | released | 1.1.24 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-d ...
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
EPSS
7.5 High
CVSS2