CVE-2012-2870

CWE-399 CWE-416 — Use After Free9 documents8 sources

Severity

4.3MEDIUM

EPSS

0.9%

top 24.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Google Chrome Xmlsoft Libxslt

Timeline

PublishedAug 31

Latest updateMay 17

Description

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶Debianlibxslt< 1.1.26-14+3

▶NVDxmlsoft/libxslt1.1.26+17

▶NVDgoogle/chrome21.0.1180.88+51

▶NVDapple/iphone_os6.1.4+47

🔴Vulnerability Details

GHSA

GHSA-3g6j-g63v-rg6h: libxslt 1↗2022-05-17

▶

OSV

CVE-2012-2870: libxslt 1↗2012-08-31

▶

CVEList

CVE-2012-2870: libxslt 1↗2012-08-31

▶

📋Vendor Advisories

Ubuntu

libxslt vulnerabilities↗2012-10-04

▶

Red Hat

libxslt: Use-after-free when processing an invalid XPath expression↗2012-08-31

▶

Debian

CVE-2012-2870: libxslt - libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does n...↗2012

▶

💬Community

Bugzilla

CVE-2012-2870 libxslt: Use-after-free when processing an invalid XPath expression↗2012-08-30

▶

Bugzilla

CVE-2012-2825 CVE-2012-2871 CVE-2012-2870 libxslt various flaws [fedora-all]↗2012-06-27

▶