CVE-2011-3970

CWE-125: Out-of-bounds Read | 10 documents | 9 sources
Severity: 4.3 MEDIUM
EPSS: 0.5% (top 34.47%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 9 | Latest update May 13

Description

libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:N/A:P
Exploitability: 8.6 | Impact: 2.9

Affected Packages (6 packages)

NVD: google/chrome < 17.0.963.46
Debian: libxslt < 1.1.26-11+3
NVD: xmlsoft/libxslt 1.1.26

🔴 Vulnerability Details (3)

GHSA: GHSA-pmqr-v7cp-5xfx: libxslt, as used in Google Chrome before 17 (2022-05-13)
OSV: CVE-2011-3970: libxslt, as used in Google Chrome before 17 (2012-02-09)
CVEList: CVE-2011-3970: libxslt, as used in Google Chrome before 17 (2012-02-09)

💥 Exploits & PoCs (1)

Exploit-DB: Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit) (2011-02-08)

📋 Vendor Advisories (3)

Ubuntu: libxslt vulnerabilities (2012-10-04)
Red Hat: libxslt: Out-of-bounds read when parsing certain patterns (2012-02-09)
Debian: CVE-2011-3970: libxslt - libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to... (2011)

💬 Community (2)

Bugzilla: CVE-2011-3970 libxslt: Out-of-bounds read when parsing certain patterns [fedora-all] (2012-02-09)
Bugzilla: CVE-2011-3970 libxslt: Out-of-bounds read when parsing certain patterns (2012-02-09)