Описание
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 22.0.1229.79~r158531-0ubuntu1 |
| hardy | DNE | |
| lucid | released | 3.0.1271.97-0ubuntu0.10.04.1 |
| natty | ignored | end of life |
| oneiric | released | 3.0.1271.97-0ubuntu0.11.10.1 |
| precise | released | 3.0.1271.97-0ubuntu0.12.04.1 |
| quantal | released | 3.0.1271.97-0ubuntu0.12.10.1 |
| upstream | released | 21.0.1180.89~r154005-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.1.26-14 |
| hardy | released | 1.1.22-1ubuntu1.3 |
| lucid | released | 1.1.26-1ubuntu1.1 |
| natty | released | 1.1.26-6ubuntu0.1 |
| oneiric | released | 1.1.26-7ubuntu0.1 |
| precise | released | 1.1.26-8ubuntu1.2 |
| quantal | not-affected | 1.1.26-14 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180. ...
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
4.3 Medium
CVSS2