CVE-2011-3102
published 2012-05-16CVE-2011-3102: Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service…
PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.66%
83.8th percentile
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
Affected
61 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | iphone_os | <= 6.1.4 | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
| apple | iphone_os | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VMware
VMware vSphere security updates for the authentication service and third party libraries
vendor_vmware·2013-01-31·CVSS 10.0
CVE-2011-1202 [CRITICAL] VMware vSphere security updates for the authentication service and third party libraries
VMSA-2013-0001: VMware vSphere security updates for the authentication service and third party libraries
a. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue. Column 4 of the following tabl
VMware
VMware security updates for vCSA, vCenter Server, and ESXi
vendor_vmware·2012-12-20·CVSS 4.0
CVE-2009-5029 [MEDIUM] VMware security updates for vCSA, vCenter Server, and ESXi
VMSA-2012-0018: VMware security updates for vCSA, vCenter Server, and ESXi
a. vCenter Server Appliance directory traversal The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6324 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Product Version Running on Replace with/ Apply Patch VMware Product vCSA Product Vers
Ubuntu
libxml2 vulnerability
vendor_ubuntu·2012-05-21
CVE-2011-3102 libxml2 vulnerability
Title: libxml2 vulnerability
Summary: Applications using libxml2 could be made to crash or run programs as your
login if they opened a specially crafted file.
Juri Aedla discovered that libxml2 contained an off by one error in its
XPointer functionality. If a user or application linked against libxml2
were tricked into opening a specially crafted XML file, an attacker could
cause the application to crash or possibly execute arbitrary code with the
privileges of the user invoking the program.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Red Hat
libxml: An off-by-one out-of-bounds write by XPointer part evaluation
vendor_redhat·2012-05-15·CVSS 6.8
CVE-2011-3102 [MEDIUM] CWE-787 libxml: An off-by-one out-of-bounds write by XPointer part evaluation
libxml: An off-by-one out-of-bounds write by XPointer part evaluation
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
Debian
CVE-2011-3102: libxml2 - Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and ot...
vendor_debian·2011·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102: libxml2 - Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and ot...
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
Scope: local
bookworm: resolved (fixed in 2.7.8.dfsg-9.1)
bullseye: resolved (fixed in 2.7.8.dfsg-9.1)
forky: resolved (fixed in 2.7.8.dfsg-9.1)
sid: resolved (fixed in 2.7.8.dfsg-9.1)
trixie: resolved (fixed in 2.7.8.dfsg-9.1)
GHSA
GHSA-qr4v-5qvh-34j2: Off-by-one error in libxml2, as used in Google Chrome before 19
ghsa_unreviewed·2022-05-14
CVE-2011-3102 [MEDIUM] GHSA-qr4v-5qvh-34j2: Off-by-one error in libxml2, as used in Google Chrome before 19
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
OSV
CVE-2011-3102: Off-by-one error in libxml2, as used in Google Chrome before 19
osv·2012-05-16·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102: Off-by-one error in libxml2, as used in Google Chrome before 19
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [fedora-all]
bugzilla·2012-09-20·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [fedora-all]
CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs
Bugzilla
CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [epel-5]
bugzilla·2012-09-20·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [epel-5]
CVE-2011-3102 CVE-2012-2807 mingw32-libxml2 various flaws [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=822
Bugzilla
CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation [fedora-all]
bugzilla·2012-05-16·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation [fedora-all]
CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/update
Bugzilla
CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation
bugzilla·2012-05-16·CVSS 6.8
CVE-2011-3102 [MEDIUM] CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation
CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation
An off-by-one out-of-bounds write flaw was found in the way libxml, a library for providing XML and HTML support, evaluated certain XPointer parts (XPointer is used by libxml to include only the part from the returned XML document, that can be accessed using the XPath expression given with the XPointer). A remote attacker could provide a specially-crafted XML file, which once opened in an application, linked against libxml, would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application.
Note: The flaw to be exploited requires the particular application, linked against libxml, to use the XPointer evaluation functionality.
References:
http://code.google.com/p/chromium/issues/detail?id=125462http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.htmlhttp://lists.apple.com/archives/security-announce/2013/Oct/msg00009.htmlhttp://lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://secunia.com/advisories/49243http://secunia.com/advisories/50658http://secunia.com/advisories/54886http://secunia.com/advisories/55568http://support.apple.com/kb/HT5934http://support.apple.com/kb/HT6001http://www.debian.org/security/2012/dsa-2479http://www.mandriva.com/security/advisories?name=MDVSA-2012:098http://www.mandriva.com/security/advisories?name=MDVSA-2013:056http://www.securityfocus.com/bid/53540http://www.securitytracker.com/id?1027067http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/75607https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.htmlhttp://code.google.com/p/chromium/issues/detail?id=125462http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.htmlhttp://lists.apple.com/archives/security-announce/2013/Oct/msg00009.htmlhttp://lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0217.htmlhttp://secunia.com/advisories/49243http://secunia.com/advisories/50658http://secunia.com/advisories/54886http://secunia.com/advisories/55568http://support.apple.com/kb/HT5934http://support.apple.com/kb/HT6001http://www.debian.org/security/2012/dsa-2479http://www.mandriva.com/security/advisories?name=MDVSA-2012:098http://www.mandriva.com/security/advisories?name=MDVSA-2013:056http://www.securityfocus.com/bid/53540http://www.securitytracker.com/id?1027067http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/75607https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.html
2012-05-16
Published