exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

CVE-2011-2821

Status Candidate

Overview

Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

Related Files

HP Security Bulletin HPSBMU02786 SSRT100877 2
Posted May 9, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016
MD5 | 80f8158182e481b6569a26d38a63761b
Red Hat Security Advisory 2013-0217-01
Posted Feb 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.

tags | advisory
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3102, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841, CVE-2012-5134
MD5 | 5d58753a06f8a0e9b2707ea31764ec03
Apple Security Advisory 2012-09-24-1
Posted Sep 25, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.

tags | advisory
systems | apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2011-4599, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
MD5 | 02d5cf6eea27e80e9fb74ce87ba23963
Apple Security Advisory 2012-09-19-1
Posted Sep 22, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-19-1 - iOS 6 is now available and addresses CFNetwork, CoreGraphics, CoreMedia, DHCP, and many other vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3026, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3048, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067
MD5 | abb1cfa99a6e945bda478975a09addde
VMware Security Advisory 2012-0012
Posted Jul 13, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.

tags | advisory
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841
MD5 | 88bdb05b2e09a6f74db93a991c7c1834
HP Security Bulletin HPSBMU02786 SSRT100877
Posted Jun 28, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016
MD5 | 31d29fe7aaae474acd1185e3d5e9e226
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
MD5 | 9614673327dc336467f1b3577177a46e
Debian Security Advisory 2394-1
Posted Jan 27, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2394-1 - Many security problems had been fixed in libxml2, a popular library to handle XML data files.

tags | advisory
systems | linux, debian
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | 77050a9a5d2e70e5230ae57b6ce6a129
Ubuntu Security Notice USN-1334-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | d35688e59e6cb186155a63ae04e731e5
Red Hat Security Advisory 2011-1749-03
Posted Dec 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1749-03 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834
MD5 | 8d03073a625a31db2491496376fc7652
Gentoo Linux Security Advisory 201110-26
Posted Oct 27, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-26 - Multiple vulnerabilities were found in libxml2 which could lead to execution of arbitrary code or a denial of service. Versions less than 2.7.8-r3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834
MD5 | dc51c7fc5f8a723b34c9efb6b33941b1
Mandriva Linux Security Advisory 2011-145
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-145 - Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling.

tags | advisory, remote, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2011-2821, CVE-2011-2834
MD5 | 52e8b3d4dd3c025b8c292f3ee81b3eed
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    16 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close