CVE-2012-6139
published 2013-04-12CVE-2012-6139: libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key…
PriorityP423medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
4.46%
90.2th percentile
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
Affected
86 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libxslt | < libxslt 1.1.26-14.1 (bookworm) | libxslt 1.1.26-14.1 (bookworm) |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| xmlsoft | libxslt | <= 1.1.27 | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
| xmlsoft | libxslt | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
libxslt vulnerability
vendor_ubuntu·2013-04-02
CVE-2012-6139 libxslt vulnerability
Title: libxslt vulnerability
Summary: Applications using libxslt could be made to crash if they processed a
specially crafted file.
Nicholas Gregoire discovered that libxslt incorrectly handled certain empty
values. If a user or automated system were tricked into processing a
specially crafted XSLT document, a remote attacker could cause libxslt to
crash, causing a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libxslt: two DoS issues fixed in 1.1.28
vendor_redhat·2012-10-02·CVSS 5.0
CVE-2012-6139 [MEDIUM] libxslt: two DoS issues fixed in 1.1.28
libxslt: two DoS issues fixed in 1.1.28
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
Statement: Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: libxslt (Red Hat Enterprise Linux 5) - Will not fix
Package: libxslt (Red Hat Enterprise Linux 6) - Will not fix
Package: mingw32-libxslt (Red Hat Enterprise Linux 6) - Will not
Debian
CVE-2012-6139: libxslt - libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL...
vendor_debian·2012·CVSS 5.0
CVE-2012-6139 [MEDIUM] CVE-2012-6139: libxslt - libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL...
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
Scope: local
bookworm: resolved (fixed in 1.1.26-14.1)
bullseye: resolved (fixed in 1.1.26-14.1)
forky: resolved (fixed in 1.1.26-14.1)
sid: resolved (fixed in 1.1.26-14.1)
trixie: resolved (fixed in 1.1.26-14.1)
GHSA
GHSA-jg9f-36wv-mjmx: libxslt before 1
ghsa_unreviewed·2022-05-14
CVE-2012-6139 [MEDIUM] GHSA-jg9f-36wv-mjmx: libxslt before 1
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
OSV
CVE-2012-6139: libxslt before 1
osv·2013-04-12·CVSS 5.0
CVE-2012-6139 [MEDIUM] CVE-2012-6139: libxslt before 1
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
bugzilla·2013-03-26·CVSS 5.0
CVE-2012-6139 [MEDIUM] CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multip
Bugzilla
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
bugzilla·2013-03-26·CVSS 5.0
CVE-2012-6139 [MEDIUM] CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28 [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multip
Bugzilla
libxslt: crash when passing an uninitialized variable to document()
bugzilla·2013-03-25·CVSS 5.0
CVE-2012-6139 [MEDIUM] libxslt: crash when passing an uninitialized variable to document()
libxslt: crash when passing an uninitialized variable to document()
It was reported [1] that libxlst would crash with a segfault due to a read near NULL occurring in xsltDocumentFunction() when an uninitialized variable is used as a parameter to the document() function.
This has been fixed in version 1.1.28 [2].
[1] https://bugzilla.gnome.org/show_bug.cgi?id=685330
[2] https://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833
Discussion:
CVE-2012-6139 has been assigned http://www.openwall.com/lists/oss-security/2013/03/25/10
---
This issue was merged with bug #927386 under one CVE.
*** This bug has been marked as a duplicate of bug 927386 ***
Bugzilla
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28
bugzilla·2013-03-25·CVSS 5.0
CVE-2012-6139 [MEDIUM] CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28
CVE-2012-6139 libxslt: two DoS issues fixed in 1.1.28
It was reported [1] that libxlst would crash with a segfault when proessing XML files with an empty xls:key/@match attribute.
This has been fixed in version 1.1.28 [2].
[1] https://bugzilla.gnome.org/show_bug.cgi?id=685328
[2] https://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8d
Discussion:
CVE-2012-6139 has been assigned http://www.openwall.com/lists/oss-security/2013/03/25/10
---
*** Bug 927388 has been marked as a duplicate of this bug. ***
---
The following issue was merged with this one under one CVE:
It was reported [1] that libxlst would crash with a segfault due to a read near NULL occurring in xsltDocumentFunction() when an uninitialized variable is used as a parameter to the docume
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102065.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00020.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00028.htmlhttp://secunia.com/advisories/52745http://secunia.com/advisories/52805http://secunia.com/advisories/52813http://secunia.com/advisories/52884http://www.debian.org/security/2013/dsa-2654http://www.mandriva.com/security/advisories?name=MDVSA-2013:141http://www.securitytracker.com/id/1028338http://www.ubuntu.com/usn/USN-1784-1http://xmlsoft.org/XSLT/news.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=685328https://bugzilla.gnome.org/show_bug.cgi?id=685330https://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833https://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8dhttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0107https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.htmlhttps://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/102065.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00020.htmlhttp://lists.opensuse.org/opensuse-updates/2013-04/msg00028.htmlhttp://secunia.com/advisories/52745http://secunia.com/advisories/52805http://secunia.com/advisories/52813http://secunia.com/advisories/52884http://www.debian.org/security/2013/dsa-2654http://www.mandriva.com/security/advisories?name=MDVSA-2013:141http://www.securitytracker.com/id/1028338http://www.ubuntu.com/usn/USN-1784-1http://xmlsoft.org/XSLT/news.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=685328https://bugzilla.gnome.org/show_bug.cgi?id=685330https://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833https://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8dhttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0107https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.htmlhttps://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html
2013-04-12
Published