exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2011-3919

Status Candidate

Overview

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Related Files

Red Hat Security Advisory 2013-0217-01
Posted Feb 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.

tags | advisory
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3102, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841, CVE-2012-5134
SHA-256 | 1cd549ed331d887cc45d0de02f4cca9d6965b1454f082a5f2089b316b13ce1f0
Apple Security Advisory 2012-09-24-1
Posted Sep 25, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.

tags | advisory
systems | apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2011-4599, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
SHA-256 | 8b08f2840773bcd43aa00f4439e1687a278652e1b463a125bb95947245e9cf9b
VMware Security Advisory 2012-0012
Posted Jul 13, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.

tags | advisory
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841
SHA-256 | 5b4b01c7d05b407f2019d9dcb62997fbe3639d1b4af2d9e365e42c1b2fc8c4ac
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
SHA-256 | 8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
SHA-256 | 27151f1e6ac2161133d87031a0879739a1b47509b25590993f62b5efcc45c458
Gentoo Linux Security Advisory 201202-09
Posted Mar 1, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201202-9 - A boundary error in libxml2 could result in execution of arbitrary code or Denial of Service. Versions less than 2.7.8-r4 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2011-3919
SHA-256 | bde2e1b45eb7d239fa2f7de36a8eab7009b159fc3b70d82f2e3ad79f0a447d28
Red Hat Security Advisory 2012-0104-01
Posted Feb 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0104-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3919
SHA-256 | 9165e3b50d8f4caa9cb36bcfa88ebf90af850df3617220c0b88374cbdcb36f8f
Debian Security Advisory 2394-1
Posted Jan 27, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2394-1 - Many security problems had been fixed in libxml2, a popular library to handle XML data files.

tags | advisory
systems | linux, debian
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
SHA-256 | d5fae078b6c0ad6c78c51df892f7929b0be7131a3570eaff8a688d24b8f71737
Ubuntu Security Notice USN-1334-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
SHA-256 | 828483a1a6bbf8065e049dfca2a65efa7ca35f2fa4a558adde9549639c05bfb7
Mandriva Linux Security Advisory 2012-005
Posted Jan 16, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-005 - A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-3919
SHA-256 | e5939476c43e6d787878d039c49fe11ed73acf04803d9a4e3523586da840d81e
Red Hat Security Advisory 2012-0018-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0018-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3905, CVE-2011-3919
SHA-256 | 345d81a1fa63ea7c70fd504a3e3e0e8f3843c34ad996db6b7180e9c9fe1bccdf
Red Hat Security Advisory 2012-0017-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0017-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
SHA-256 | 8de1cd5c934d9caf3a341c7d1360226ec9cec6a4e744aa685fb458b3ca5d0e5d
Red Hat Security Advisory 2012-0016-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0016-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-0216, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
SHA-256 | 71b1b4d3d81db6a48e2542cb538a368109f00aa37b462e9dc5d8f5e0f3f2b184
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close