CVE-2011-2834
published 2011-09-19CVE-2011-2834: Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have…
PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.13%
79.7th percentile
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | iphone_os | < 6.0 | 6.0 |
| apple | mac_os_x | < 10.7.4 | 10.7.4 |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libxml2 | < libxml2 2.7.8.dfsg-5 (bookworm) | libxml2 2.7.8.dfsg-5 (bookworm) |
| chrome | < 14.0.835.163 | 14.0.835.163 | |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| xmlsoft | libxml2 | >= 0 < 2.7.8.dfsg-5 | 2.7.8.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.7.8.dfsg-5 | 2.7.8.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.7.8.dfsg-5 | 2.7.8.dfsg-5 |
| xmlsoft | libxml2 | >= 0 < 2.7.8.dfsg-5 | 2.7.8.dfsg-5 |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_ubuntu9.3CRITICAL
vendor_debian6.8LOW
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2012-01-19·CVSS 9.3
CVE-2011-0216 [CRITICAL] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Applications using libxml2 could be made to crash or run programs as your
login if they opened a specially crafted file.
It was discovered that libxml2 contained an off by one error. If a user or
application linked against libxml2 were tricked into opening a specially
crafted XML file, an attacker could cause the application to crash or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2011-0216)
It was discovered that libxml2 is vulnerable to double-free conditions
when parsing certain XML documents. This could allow a remote attacker to
cause a denial of service. (CVE-2011-2821, CVE-2011-2834)
It was discovered that libxml2 did not properly detect end of file when
parsing certain XML documents. An attack
Red Hat
libxml2: double-free caused by malformed XPath expression in XSLT
vendor_redhat·2011-10-11·CVSS 6.8
CVE-2011-2834 [MEDIUM] libxml2: double-free caused by malformed XPath expression in XSLT
libxml2: double-free caused by malformed XPath expression in XSLT
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
Debian
CVE-2011-2834: libxml2 - Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.1...
vendor_debian·2011·CVSS 6.8
CVE-2011-2834 [MEDIUM] CVE-2011-2834: libxml2 - Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.1...
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
Scope: local
bookworm: resolved (fixed in 2.7.8.dfsg-5)
bullseye: resolved (fixed in 2.7.8.dfsg-5)
forky: resolved (fixed in 2.7.8.dfsg-5)
sid: resolved (fixed in 2.7.8.dfsg-5)
trixie: resolved (fixed in 2.7.8.dfsg-5)
GHSA
GHSA-r39r-m3xh-jh67: Double free vulnerability in libxml2, as used in Google Chrome before 14
ghsa_unreviewed·2022-05-13
CVE-2011-2834 [MEDIUM] CWE-415 GHSA-r39r-m3xh-jh67: Double free vulnerability in libxml2, as used in Google Chrome before 14
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
OSV
CVE-2011-2834: Double free vulnerability in libxml2, as used in Google Chrome before 14
osv·2011-09-19·CVSS 6.8
CVE-2011-2834 [MEDIUM] CVE-2011-2834: Double free vulnerability in libxml2, as used in Google Chrome before 14
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-3919 CVE-2011-3905 CVE-2011-2834 libxml2 various flaws [fedora-all]
bugzilla·2012-01-06·CVSS 6.8
CVE-2011-3919 [MEDIUM] CVE-2011-3919 CVE-2011-3905 CVE-2011-2834 libxml2 various flaws [fedora-all]
CVE-2011-3919 CVE-2011-3905 CVE-2011-2834 libxml2 various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=securit
Bugzilla
CVE-2011-0216 CVE-2011-3905 CVE-2011-3919 mingw32-libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
bugzilla·2011-11-22·CVSS 9.3
CVE-2011-0216 [CRITICAL] CVE-2011-0216 CVE-2011-3905 CVE-2011-3919 mingw32-libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
CVE-2011-0216 CVE-2011-3905 CVE-2011-3919 mingw32-libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission li
Bugzilla
CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
bugzilla·2011-11-22·CVSS 9.3
CVE-2011-0216 [CRITICAL] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/
Bugzilla
CVE-2011-2834 libxml2: double-free caused by malformed XPath expression in XSLT
bugzilla·2011-09-05·CVSS 6.8
CVE-2011-2834 [MEDIUM] CVE-2011-2834 libxml2: double-free caused by malformed XPath expression in XSLT
CVE-2011-2834 libxml2: double-free caused by malformed XPath expression in XSLT
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2834 to
the following vulnerability:
Name: CVE-2011-2834
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
Assigned: 20110720
Reference: CONFIRM:http://code.google.com/p/chromium/issues/detail?id=93472
Reference: CONFIRM:http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
Double free vulnerability in libxml2, as used in Google Chrome before
14.0.835.163, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via vectors related to XPath
handling.
Discussion:
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:1749
http://code.google.com/p/chromium/issues/detail?id=93472http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://osvdb.org/75560http://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://support.apple.com/kb/HT5281http://support.apple.com/kb/HT5503http://www.debian.org/security/2012/dsa-2394http://www.mandriva.com/security/advisories?name=MDVSA-2011:145http://www.redhat.com/support/errata/RHSA-2011-1749.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/69885https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410http://code.google.com/p/chromium/issues/detail?id=93472http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlhttp://osvdb.org/75560http://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://support.apple.com/kb/HT5281http://support.apple.com/kb/HT5503http://www.debian.org/security/2012/dsa-2394http://www.mandriva.com/security/advisories?name=MDVSA-2011:145http://www.redhat.com/support/errata/RHSA-2011-1749.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/69885https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410
2011-09-19
Published