ID CVE-2010-4008
Summary libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
References
Vulnerable Configurations
  • XMLSoft Libxml2 2.2.0 beta
    cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta
  • XMLSoft Libxml2 1.7.3
    cpe:2.3:a:xmlsoft:libxml2:1.7.3
  • XMLSoft Libxml2 1.7.4
    cpe:2.3:a:xmlsoft:libxml2:1.7.4
  • XMLSoft Libxml2 1.8.0
    cpe:2.3:a:xmlsoft:libxml2:1.8.0
  • XMLSoft Libxml2 1.8.1
    cpe:2.3:a:xmlsoft:libxml2:1.8.1
  • XMLSoft Libxml2 2.5.0
    cpe:2.3:a:xmlsoft:libxml2:2.5.0
  • XMLSoft Libxml2 1.7.0
    cpe:2.3:a:xmlsoft:libxml2:1.7.0
  • XMLSoft Libxml2 1.7.1
    cpe:2.3:a:xmlsoft:libxml2:1.7.1
  • XMLSoft Libxml2 1.7.2
    cpe:2.3:a:xmlsoft:libxml2:1.7.2
  • XMLSoft Libxml2 2.6.11
    cpe:2.3:a:xmlsoft:libxml2:2.6.11
  • XMLSoft Libxml2 2.6.1
    cpe:2.3:a:xmlsoft:libxml2:2.6.1
  • XMLSoft Libxml2 2.6.0
    cpe:2.3:a:xmlsoft:libxml2:2.6.0
  • XMLSoft Libxml2 2.5.4
    cpe:2.3:a:xmlsoft:libxml2:2.5.4
  • XMLSoft Libxml2 2.5.11
    cpe:2.3:a:xmlsoft:libxml2:2.5.11
  • Xmlsoft Libxml2 2.5.10
    cpe:2.3:a:xmlsoft:libxml2:2.5.10
  • XMLSoft Libxml2 2.4.23
    cpe:2.3:a:xmlsoft:libxml2:2.4.23
  • XMLSoft Libxml2 2.4.19
    cpe:2.3:a:xmlsoft:libxml2:2.4.19
  • XMLSoft Libxml2 2.6.14
    cpe:2.3:a:xmlsoft:libxml2:2.6.14
  • XMLSoft Libxml2 2.6.2
    cpe:2.3:a:xmlsoft:libxml2:2.6.2
  • XMLSoft Libxml2 2.6.12
    cpe:2.3:a:xmlsoft:libxml2:2.6.12
  • XMLSoft Libxml2 2.6.13
    cpe:2.3:a:xmlsoft:libxml2:2.6.13
  • XMLSoft Libxml2 2.6.26
    cpe:2.3:a:xmlsoft:libxml2:2.6.26
  • XMLSoft Libxml2 2.4.30
    cpe:2.3:a:xmlsoft:libxml2:2.4.30
  • XMLSoft Libxml2 2.4.28
    cpe:2.3:a:xmlsoft:libxml2:2.4.28
  • XMLSoft Libxml2 2.4.29
    cpe:2.3:a:xmlsoft:libxml2:2.4.29
  • XMLSoft Libxml2 2.4.26
    cpe:2.3:a:xmlsoft:libxml2:2.4.26
  • XMLSoft Libxml2 2.4.27
    cpe:2.3:a:xmlsoft:libxml2:2.4.27
  • XMLSoft Libxml2 2.6.22
    cpe:2.3:a:xmlsoft:libxml2:2.6.22
  • XMLSoft Libxml2 2.4.17
    cpe:2.3:a:xmlsoft:libxml2:2.4.17
  • XMLSoft Libxml2 2.6.27
    cpe:2.3:a:xmlsoft:libxml2:2.6.27
  • XMLSoft Libxml2 2.4.16
    cpe:2.3:a:xmlsoft:libxml2:2.4.16
  • XMLSoft Libxml2 2.4.20
    cpe:2.3:a:xmlsoft:libxml2:2.4.20
  • XMLSoft Libxml2 2.4.18
    cpe:2.3:a:xmlsoft:libxml2:2.4.18
  • XMLSoft Libxml2 2.6.17
    cpe:2.3:a:xmlsoft:libxml2:2.6.17
  • XMLSoft Libxml2 2.4.22
    cpe:2.3:a:xmlsoft:libxml2:2.4.22
  • Xmlsoft Libxml2 2.6.16
    cpe:2.3:a:xmlsoft:libxml2:2.6.16
  • XMLSoft Libxml2 2.4.21
    cpe:2.3:a:xmlsoft:libxml2:2.4.21
  • XMLSoft Libxml2 2.6.20
    cpe:2.3:a:xmlsoft:libxml2:2.6.20
  • XMLSoft Libxml2 2.4.25
    cpe:2.3:a:xmlsoft:libxml2:2.4.25
  • XMLSoft Libxml2 2.6.18
    cpe:2.3:a:xmlsoft:libxml2:2.6.18
  • XMLSoft Libxml2 2.4.24
    cpe:2.3:a:xmlsoft:libxml2:2.4.24
  • XMLSoft Libxml2 2.4.9
    cpe:2.3:a:xmlsoft:libxml2:2.4.9
  • XMLSoft Libxml2 2.4.8
    cpe:2.3:a:xmlsoft:libxml2:2.4.8
  • XMLSoft Libxml2 2.4.11
    cpe:2.3:a:xmlsoft:libxml2:2.4.11
  • XMLSoft Libxml2 2.4.10
    cpe:2.3:a:xmlsoft:libxml2:2.4.10
  • XMLSoft Libxml2 2.4.13
    cpe:2.3:a:xmlsoft:libxml2:2.4.13
  • XMLSoft Libxml2 2.4.12
    cpe:2.3:a:xmlsoft:libxml2:2.4.12
  • XMLSoft Libxml2 2.4.15
    cpe:2.3:a:xmlsoft:libxml2:2.4.15
  • XMLSoft Libxml2 2.4.14
    cpe:2.3:a:xmlsoft:libxml2:2.4.14
  • XMLSoft Libxml2 1.8.16
    cpe:2.3:a:xmlsoft:libxml2:1.8.16
  • XMLSoft Libxml2 2.4.1
    cpe:2.3:a:xmlsoft:libxml2:2.4.1
  • XMLSoft Libxml2 2.4.2
    cpe:2.3:a:xmlsoft:libxml2:2.4.2
  • XMLSoft Libxml2 2.4.3
    cpe:2.3:a:xmlsoft:libxml2:2.4.3
  • XMLSoft Libxml2 2.4.4
    cpe:2.3:a:xmlsoft:libxml2:2.4.4
  • XMLSoft Libxml2 2.4.5
    cpe:2.3:a:xmlsoft:libxml2:2.4.5
  • XMLSoft Libxml2 2.4.6
    cpe:2.3:a:xmlsoft:libxml2:2.4.6
  • XMLSoft Libxml2 2.4.7
    cpe:2.3:a:xmlsoft:libxml2:2.4.7
  • XMLSoft Libxml2 1.8.13
    cpe:2.3:a:xmlsoft:libxml2:1.8.13
  • XMLSoft Libxml2 2.3.9
    cpe:2.3:a:xmlsoft:libxml2:2.3.9
  • XMLSoft Libxml2 2.5.7
    cpe:2.3:a:xmlsoft:libxml2:2.5.7
  • XMLSoft Libxml2 2.3.10
    cpe:2.3:a:xmlsoft:libxml2:2.3.10
  • XMLSoft Libxml2 2.5.8
    cpe:2.3:a:xmlsoft:libxml2:2.5.8
  • XMLSoft Libxml2 2.3.11
    cpe:2.3:a:xmlsoft:libxml2:2.3.11
  • XMLSoft Libxml2 2.3.12
    cpe:2.3:a:xmlsoft:libxml2:2.3.12
  • XMLSoft Libxml2 1.8.14
    cpe:2.3:a:xmlsoft:libxml2:1.8.14
  • XMLSoft Libxml2 2.3.13
    cpe:2.3:a:xmlsoft:libxml2:2.3.13
  • XMLSoft Libxml2 2.3.14
    cpe:2.3:a:xmlsoft:libxml2:2.3.14
  • XMLSoft Libxml2 2.3.4
    cpe:2.3:a:xmlsoft:libxml2:2.3.4
  • XMLSoft Libxml2 2.3.3
    cpe:2.3:a:xmlsoft:libxml2:2.3.3
  • XMLSoft Libxml2 2.3.2
    cpe:2.3:a:xmlsoft:libxml2:2.3.2
  • XMLSoft Libxml2 2.3.1
    cpe:2.3:a:xmlsoft:libxml2:2.3.1
  • XMLSoft Libxml2 2.3.8
    cpe:2.3:a:xmlsoft:libxml2:2.3.8
  • XMLSoft Libxml2 2.3.7
    cpe:2.3:a:xmlsoft:libxml2:2.3.7
  • XMLSoft Libxml2 2.3.6
    cpe:2.3:a:xmlsoft:libxml2:2.3.6
  • XMLSoft Libxml2 2.3.5
    cpe:2.3:a:xmlsoft:libxml2:2.3.5
  • XMLSoft Libxml2 2.2.8
    cpe:2.3:a:xmlsoft:libxml2:2.2.8
  • XMLSoft Libxml2 2.2.7
    cpe:2.3:a:xmlsoft:libxml2:2.2.7
  • XMLSoft Libxml2 2.2.6
    cpe:2.3:a:xmlsoft:libxml2:2.2.6
  • XMLSoft Libxml2 2.2.5
    cpe:2.3:a:xmlsoft:libxml2:2.2.5
  • XMLSoft Libxml2 2.3.0
    cpe:2.3:a:xmlsoft:libxml2:2.3.0
  • XMLSoft Libxml2 2.2.11
    cpe:2.3:a:xmlsoft:libxml2:2.2.11
  • XMLSoft Libxml2 2.2.10
    cpe:2.3:a:xmlsoft:libxml2:2.2.10
  • XMLSoft Libxml2 2.2.9
    cpe:2.3:a:xmlsoft:libxml2:2.2.9
  • XMLSoft Libxml2 1.8.10
    cpe:2.3:a:xmlsoft:libxml2:1.8.10
  • XMLSoft Libxml2 2.2.0
    cpe:2.3:a:xmlsoft:libxml2:2.2.0
  • XMLSoft Libxml2 2.1.1
    cpe:2.3:a:xmlsoft:libxml2:2.1.1
  • XMLSoft Libxml2 1.8.9
    cpe:2.3:a:xmlsoft:libxml2:1.8.9
  • XMLSoft Libxml2 2.2.3
    cpe:2.3:a:xmlsoft:libxml2:2.2.3
  • XMLSoft Libxml2 2.2.4
    cpe:2.3:a:xmlsoft:libxml2:2.2.4
  • XMLSoft Libxml2 2.2.1
    cpe:2.3:a:xmlsoft:libxml2:2.2.1
  • XMLSoft Libxml2 2.2.2
    cpe:2.3:a:xmlsoft:libxml2:2.2.2
  • XMLSoft Libxml2 1.8.4
    cpe:2.3:a:xmlsoft:libxml2:1.8.4
  • XMLSoft Libxml2 1.8.5
    cpe:2.3:a:xmlsoft:libxml2:1.8.5
  • XMLSoft Libxml2 1.8.2
    cpe:2.3:a:xmlsoft:libxml2:1.8.2
  • XMLSoft Libxml2 1.8.3
    cpe:2.3:a:xmlsoft:libxml2:1.8.3
  • XMLSoft Libxml2 2.0.0
    cpe:2.3:a:xmlsoft:libxml2:2.0.0
  • XMLSoft Libxml2 2.1.0
    cpe:2.3:a:xmlsoft:libxml2:2.1.0
  • XMLSoft Libxml2 1.8.6
    cpe:2.3:a:xmlsoft:libxml2:1.8.6
  • XMLSoft Libxml2 1.8.7
    cpe:2.3:a:xmlsoft:libxml2:1.8.7
  • XMLSoft Libxml2 2.6.32
    cpe:2.3:a:xmlsoft:libxml2:2.6.32
  • XMLSoft Libxml2 2.6.5
    cpe:2.3:a:xmlsoft:libxml2:2.6.5
  • XMLSoft Libxml2 2.6.6
    cpe:2.3:a:xmlsoft:libxml2:2.6.6
  • XMLSoft Libxml2 2.6.3
    cpe:2.3:a:xmlsoft:libxml2:2.6.3
  • XMLSoft Libxml2 2.6.4
    cpe:2.3:a:xmlsoft:libxml2:2.6.4
  • XMLSoft Libxml2 2.6.9
    cpe:2.3:a:xmlsoft:libxml2:2.6.9
  • XMLSoft Libxml2 2.6.7
    cpe:2.3:a:xmlsoft:libxml2:2.6.7
  • XMLSoft Libxml2 2.6.8
    cpe:2.3:a:xmlsoft:libxml2:2.6.8
  • XMLSoft Libxml2 2.6.30
    cpe:2.3:a:xmlsoft:libxml2:2.6.30
  • XMLSoft Libxml2 2.7.1
    cpe:2.3:a:xmlsoft:libxml2:2.7.1
  • XMLSoft Libxml2 2.7.0
    cpe:2.3:a:xmlsoft:libxml2:2.7.0
  • XMLSoft Libxml2 2.7.2
    cpe:2.3:a:xmlsoft:libxml2:2.7.2
  • XMLSoft Libxml2 2.7.3
    cpe:2.3:a:xmlsoft:libxml2:2.7.3
  • XMLSoft Libxml2 2.7.4
    cpe:2.3:a:xmlsoft:libxml2:2.7.4
  • XMLSoft Libxml2 2.7.5
    cpe:2.3:a:xmlsoft:libxml2:2.7.5
  • XMLSoft Libxml2 2.7.6
    cpe:2.3:a:xmlsoft:libxml2:2.7.6
  • XMLSoft Libxml2 2.7.7
    cpe:2.3:a:xmlsoft:libxml2:2.7.7
  • Google Chrome 7.0.517.43
    cpe:2.3:a:google:chrome:7.0.517.43
  • cpe:2.3:a:google:chrome:7.0.517.42
  • cpe:2.3:a:google:chrome:7.0.517.41
  • Google Chrome 7.0.498.0
    cpe:2.3:a:google:chrome:7.0.498.0
  • cpe:2.3:a:google:chrome:7.0.497.0
  • Google Chrome 7.0.505.0
    cpe:2.3:a:google:chrome:7.0.505.0
  • Google Chrome 7.0.504.0
    cpe:2.3:a:google:chrome:7.0.504.0
  • Google Chrome 7.0.503.1
    cpe:2.3:a:google:chrome:7.0.503.1
  • cpe:2.3:a:google:chrome:7.0.503.0
  • Google Chrome 7.0.500.1
    cpe:2.3:a:google:chrome:7.0.500.1
  • Google Chrome 7.0.500.0
    cpe:2.3:a:google:chrome:7.0.500.0
  • Google Chrome 7.0.499.1
    cpe:2.3:a:google:chrome:7.0.499.1
  • Google Chrome 7.0.499.0
    cpe:2.3:a:google:chrome:7.0.499.0
  • cpe:2.3:a:google:chrome:7.0.506.0
  • Google Chrome 7.0.507.0
    cpe:2.3:a:google:chrome:7.0.507.0
  • Google Chrome 7.0.507.1
    cpe:2.3:a:google:chrome:7.0.507.1
  • cpe:2.3:a:google:chrome:7.0.507.2
  • Google Chrome 7.0.507.3
    cpe:2.3:a:google:chrome:7.0.507.3
  • Google Chrome 7.0.509.0
    cpe:2.3:a:google:chrome:7.0.509.0
  • Google Chrome 7.0.510.0
    cpe:2.3:a:google:chrome:7.0.510.0
  • cpe:2.3:a:google:chrome:7.0.511.1
  • Google Chrome 7.0.511.2
    cpe:2.3:a:google:chrome:7.0.511.2
  • cpe:2.3:a:google:chrome:7.0.511.4
  • cpe:2.3:a:google:chrome:7.0.512.0
  • cpe:2.3:a:google:chrome:7.0.513.0
  • Google Chrome 7.0.514.0
    cpe:2.3:a:google:chrome:7.0.514.0
  • cpe:2.3:a:google:chrome:7.0.514.1
  • cpe:2.3:a:google:chrome:7.0.515.0
  • cpe:2.3:a:google:chrome:7.0.516.0
  • Google Chrome 7.0.517.10
    cpe:2.3:a:google:chrome:7.0.517.10
  • cpe:2.3:a:google:chrome:7.0.517.0
  • Google Chrome 7.0.517.12
    cpe:2.3:a:google:chrome:7.0.517.12
  • cpe:2.3:a:google:chrome:7.0.517.11
  • Google Chrome 7.0.517.14
    cpe:2.3:a:google:chrome:7.0.517.14
  • Google Chrome 7.0.517.13
    cpe:2.3:a:google:chrome:7.0.517.13
  • cpe:2.3:a:google:chrome:7.0.517.17
  • cpe:2.3:a:google:chrome:7.0.517.16
  • cpe:2.3:a:google:chrome:7.0.517.19
  • Google Chrome 7.0.517.18
    cpe:2.3:a:google:chrome:7.0.517.18
  • Google Chrome 7.0.517.20
    cpe:2.3:a:google:chrome:7.0.517.20
  • Google Chrome 7.0.517.2
    cpe:2.3:a:google:chrome:7.0.517.2
  • cpe:2.3:a:google:chrome:7.0.517.22
  • cpe:2.3:a:google:chrome:7.0.517.21
  • Google Chrome 7.0.517.24
    cpe:2.3:a:google:chrome:7.0.517.24
  • Google Chrome 7.0.517.23
    cpe:2.3:a:google:chrome:7.0.517.23
  • cpe:2.3:a:google:chrome:7.0.517.27
  • Google Chrome 7.0.517.28
    cpe:2.3:a:google:chrome:7.0.517.28
  • cpe:2.3:a:google:chrome:7.0.517.25
  • cpe:2.3:a:google:chrome:7.0.517.26
  • Google Chrome 7.0.517.31
    cpe:2.3:a:google:chrome:7.0.517.31
  • Google Chrome 7.0.517.32
    cpe:2.3:a:google:chrome:7.0.517.32
  • Google Chrome 7.0.517.29
    cpe:2.3:a:google:chrome:7.0.517.29
  • cpe:2.3:a:google:chrome:7.0.517.30
  • Google Chrome 7.0.517.35
    cpe:2.3:a:google:chrome:7.0.517.35
  • Google Chrome 7.0.517.36
    cpe:2.3:a:google:chrome:7.0.517.36
  • cpe:2.3:a:google:chrome:7.0.517.33
  • cpe:2.3:a:google:chrome:7.0.517.34
  • Google Chrome 7.0.517.39
    cpe:2.3:a:google:chrome:7.0.517.39
  • cpe:2.3:a:google:chrome:7.0.517.4
  • Google Chrome 7.0.517.37
    cpe:2.3:a:google:chrome:7.0.517.37
  • cpe:2.3:a:google:chrome:7.0.517.38
  • cpe:2.3:a:google:chrome:7.0.517.7
  • Google Chrome 7.0.517.6
    cpe:2.3:a:google:chrome:7.0.517.6
  • cpe:2.3:a:google:chrome:7.0.517.5
  • Google Chrome 7.0.517.40
    cpe:2.3:a:google:chrome:7.0.517.40
  • cpe:2.3:a:google:chrome:7.0.517.9
  • Google Chrome 7.0.517.8
    cpe:2.3:a:google:chrome:7.0.517.8
  • cpe:2.3:a:google:chrome:6.0.399.0
  • cpe:2.3:a:google:chrome:6.0.400.0
  • Google Chrome 6.0.401.0
    cpe:2.3:a:google:chrome:6.0.401.0
  • cpe:2.3:a:google:chrome:6.0.405.0
  • Google Chrome 6.0.404.2
    cpe:2.3:a:google:chrome:6.0.404.2
  • cpe:2.3:a:google:chrome:6.0.407.0
  • cpe:2.3:a:google:chrome:6.0.406.0
  • cpe:2.3:a:google:chrome:6.0.403.0
  • cpe:2.3:a:google:chrome:6.0.401.1
  • cpe:2.3:a:google:chrome:6.0.404.1
  • Google Chrome 6.0.404.0
    cpe:2.3:a:google:chrome:6.0.404.0
  • Google Chrome 6.0.408.4
    cpe:2.3:a:google:chrome:6.0.408.4
  • Google Chrome 6.0.408.3
    cpe:2.3:a:google:chrome:6.0.408.3
  • cpe:2.3:a:google:chrome:6.0.408.6
  • Google Chrome 6.0.408.5
    cpe:2.3:a:google:chrome:6.0.408.5
  • Google Chrome 6.0.408.10
    cpe:2.3:a:google:chrome:6.0.408.10
  • cpe:2.3:a:google:chrome:6.0.408.0
  • cpe:2.3:a:google:chrome:6.0.408.2
  • Google Chrome 6.0.408.1
    cpe:2.3:a:google:chrome:6.0.408.1
  • Google Chrome 6.0.412.0
    cpe:2.3:a:google:chrome:6.0.412.0
  • cpe:2.3:a:google:chrome:6.0.413.0
  • cpe:2.3:a:google:chrome:6.0.410.0
  • cpe:2.3:a:google:chrome:6.0.411.0
  • Google Chrome 6.0.408.9
    cpe:2.3:a:google:chrome:6.0.408.9
  • cpe:2.3:a:google:chrome:6.0.409.0
  • cpe:2.3:a:google:chrome:6.0.408.7
  • Google Chrome 6.0.408.8
    cpe:2.3:a:google:chrome:6.0.408.8
  • cpe:2.3:a:google:chrome:6.0.418.0
  • cpe:2.3:a:google:chrome:6.0.418.1
  • cpe:2.3:a:google:chrome:6.0.416.1
  • Google Chrome 6.0.417.0
    cpe:2.3:a:google:chrome:6.0.417.0
  • cpe:2.3:a:google:chrome:6.0.415.1
  • Google Chrome 6.0.416.0
    cpe:2.3:a:google:chrome:6.0.416.0
  • cpe:2.3:a:google:chrome:6.0.414.0
  • Google Chrome 6.0.415.0
    cpe:2.3:a:google:chrome:6.0.415.0
  • Google Chrome 6.0.418.9
    cpe:2.3:a:google:chrome:6.0.418.9
  • Google Chrome 6.0.418.8
    cpe:2.3:a:google:chrome:6.0.418.8
  • Google Chrome 6.0.418.7
    cpe:2.3:a:google:chrome:6.0.418.7
  • cpe:2.3:a:google:chrome:6.0.418.6
  • Google Chrome 6.0.418.5
    cpe:2.3:a:google:chrome:6.0.418.5
  • cpe:2.3:a:google:chrome:6.0.418.4
  • cpe:2.3:a:google:chrome:6.0.418.3
  • Google Chrome 6.0.418.2
    cpe:2.3:a:google:chrome:6.0.418.2
  • cpe:2.3:a:google:chrome:6.0.427.0
  • cpe:2.3:a:google:chrome:6.0.426.0
  • Google Chrome 6.0.425.0
    cpe:2.3:a:google:chrome:6.0.425.0
  • Google Chrome 6.0.424.0
    cpe:2.3:a:google:chrome:6.0.424.0
  • Google Chrome 6.0.423.0
    cpe:2.3:a:google:chrome:6.0.423.0
  • cpe:2.3:a:google:chrome:6.0.422.0
  • cpe:2.3:a:google:chrome:6.0.421.0
  • cpe:2.3:a:google:chrome:6.0.419.0
  • Google Chrome 6.0.450.2
    cpe:2.3:a:google:chrome:6.0.450.2
  • Google Chrome 6.0.450.3
    cpe:2.3:a:google:chrome:6.0.450.3
  • cpe:2.3:a:google:chrome:6.0.450.0
  • Google Chrome 6.0.450.1
    cpe:2.3:a:google:chrome:6.0.450.1
  • cpe:2.3:a:google:chrome:6.0.452.0
  • Google Chrome 6.0.452.1
    cpe:2.3:a:google:chrome:6.0.452.1
  • cpe:2.3:a:google:chrome:6.0.450.4
  • cpe:2.3:a:google:chrome:6.0.451.0
  • cpe:2.3:a:google:chrome:6.0.445.1
  • Google Chrome 6.0.446.0
    cpe:2.3:a:google:chrome:6.0.446.0
  • cpe:2.3:a:google:chrome:6.0.444.0
  • Google Chrome 6.0.445.0
    cpe:2.3:a:google:chrome:6.0.445.0
  • Google Chrome 6.0.447.2
    cpe:2.3:a:google:chrome:6.0.447.2
  • cpe:2.3:a:google:chrome:6.0.449.0
  • Google Chrome 6.0.447.0
    cpe:2.3:a:google:chrome:6.0.447.0
  • Google Chrome 6.0.447.1
    cpe:2.3:a:google:chrome:6.0.447.1
  • cpe:2.3:a:google:chrome:6.0.437.3
  • cpe:2.3:a:google:chrome:6.0.437.2
  • cpe:2.3:a:google:chrome:6.0.437.1
  • cpe:2.3:a:google:chrome:6.0.437.0
  • Google Chrome 6.0.443.0
    cpe:2.3:a:google:chrome:6.0.443.0
  • cpe:2.3:a:google:chrome:6.0.441.0
  • Google Chrome 6.0.440.0
    cpe:2.3:a:google:chrome:6.0.440.0
  • cpe:2.3:a:google:chrome:6.0.438.0
  • Google Chrome 6.0.432.0
    cpe:2.3:a:google:chrome:6.0.432.0
  • cpe:2.3:a:google:chrome:6.0.431.0
  • cpe:2.3:a:google:chrome:6.0.430.0
  • Google Chrome 6.0.428.0
    cpe:2.3:a:google:chrome:6.0.428.0
  • cpe:2.3:a:google:chrome:6.0.436.0
  • Google Chrome 6.0.435.0
    cpe:2.3:a:google:chrome:6.0.435.0
  • cpe:2.3:a:google:chrome:6.0.434.0
  • cpe:2.3:a:google:chrome:6.0.433.0
  • Google Chrome 6.0.459.0
    cpe:2.3:a:google:chrome:6.0.459.0
  • cpe:2.3:a:google:chrome:6.0.460.0
  • Google Chrome 6.0.458.2
    cpe:2.3:a:google:chrome:6.0.458.2
  • Google Chrome 6.0.453.1
    cpe:2.3:a:google:chrome:6.0.453.1
  • cpe:2.3:a:google:chrome:6.0.453.0
  • Google Chrome 6.0.455.0
    cpe:2.3:a:google:chrome:6.0.455.0
  • Google Chrome 6.0.454.0
    cpe:2.3:a:google:chrome:6.0.454.0
  • cpe:2.3:a:google:chrome:6.0.457.0
  • Google Chrome 6.0.456.0
    cpe:2.3:a:google:chrome:6.0.456.0
  • Google Chrome 6.0.458.1
    cpe:2.3:a:google:chrome:6.0.458.1
  • cpe:2.3:a:google:chrome:6.0.458.0
  • Google Chrome 6.0.465.1
    cpe:2.3:a:google:chrome:6.0.465.1
  • Google Chrome 6.0.464.1
    cpe:2.3:a:google:chrome:6.0.464.1
  • cpe:2.3:a:google:chrome:6.0.462.0
  • cpe:2.3:a:google:chrome:6.0.461.0
  • Google Chrome 6.0.397.0
    cpe:2.3:a:google:chrome:6.0.397.0
  • Google Chrome 6.0.398.0
    cpe:2.3:a:google:chrome:6.0.398.0
  • cpe:2.3:a:google:chrome:6.0.472.50
  • Google Chrome 6.0.472.51
    cpe:2.3:a:google:chrome:6.0.472.51
  • cpe:2.3:a:google:chrome:6.0.472.48
  • Google Chrome 6.0.472.49
    cpe:2.3:a:google:chrome:6.0.472.49
  • cpe:2.3:a:google:chrome:6.0.472.56
  • cpe:2.3:a:google:chrome:6.0.472.57
  • Google Chrome 6.0.472.52
    cpe:2.3:a:google:chrome:6.0.472.52
  • cpe:2.3:a:google:chrome:6.0.472.54
  • Google Chrome 6.0.472.62
    cpe:2.3:a:google:chrome:6.0.472.62
  • Google Chrome 6.0.472.55
    cpe:2.3:a:google:chrome:6.0.472.55
  • Google Chrome 6.0.472.58
    cpe:2.3:a:google:chrome:6.0.472.58
  • Google Chrome 6.0.472.53
    cpe:2.3:a:google:chrome:6.0.472.53
  • Google Chrome 6.0.474.0
    cpe:2.3:a:google:chrome:6.0.474.0
  • Google Chrome 6.0.473.0
    cpe:2.3:a:google:chrome:6.0.473.0
  • cpe:2.3:a:google:chrome:6.0.476.0
  • cpe:2.3:a:google:chrome:6.0.475.0
  • Google Chrome 6.0.472.63
    cpe:2.3:a:google:chrome:6.0.472.63
  • cpe:2.3:a:google:chrome:6.0.483.0
  • Google Chrome 6.0.484.0
    cpe:2.3:a:google:chrome:6.0.484.0
  • cpe:2.3:a:google:chrome:6.0.481.0
  • Google Chrome 6.0.482.0
    cpe:2.3:a:google:chrome:6.0.482.0
  • cpe:2.3:a:google:chrome:6.0.479.0
  • Google Chrome 6.0.480.0
    cpe:2.3:a:google:chrome:6.0.480.0
  • cpe:2.3:a:google:chrome:6.0.477.0
  • Google Chrome 6.0.478.0
    cpe:2.3:a:google:chrome:6.0.478.0
  • cpe:2.3:a:google:chrome:6.0.490.1
  • Google Chrome 6.0.491.0
    cpe:2.3:a:google:chrome:6.0.491.0
  • cpe:2.3:a:google:chrome:6.0.489.0
  • Google Chrome 6.0.490.0
    cpe:2.3:a:google:chrome:6.0.490.0
  • Google Chrome 6.0.487.0
    cpe:2.3:a:google:chrome:6.0.487.0
  • Google Chrome 6.0.488.0
    cpe:2.3:a:google:chrome:6.0.488.0
  • cpe:2.3:a:google:chrome:6.0.485.0
  • cpe:2.3:a:google:chrome:6.0.486.0
  • cpe:2.3:a:google:chrome:6.0.495.0
  • Google Chrome 6.0.494.0
    cpe:2.3:a:google:chrome:6.0.494.0
  • cpe:2.3:a:google:chrome:6.0.493.0
  • cpe:2.3:a:google:chrome:6.0.492.0
  • Google Chrome 6.0.472.59
    cpe:2.3:a:google:chrome:6.0.472.59
  • Google Chrome 6.0.472.60
    cpe:2.3:a:google:chrome:6.0.472.60
  • Google Chrome 6.0.472.61
    cpe:2.3:a:google:chrome:6.0.472.61
  • Google Chrome 6.0.472.14
    cpe:2.3:a:google:chrome:6.0.472.14
  • cpe:2.3:a:google:chrome:6.0.472.15
  • cpe:2.3:a:google:chrome:6.0.472.12
  • Google Chrome 6.0.472.13
    cpe:2.3:a:google:chrome:6.0.472.13
  • cpe:2.3:a:google:chrome:6.0.472.10
  • Google Chrome 6.0.472.11
    cpe:2.3:a:google:chrome:6.0.472.11
  • Google Chrome 6.0.472.8
    cpe:2.3:a:google:chrome:6.0.472.8
  • Google Chrome 6.0.472.9
    cpe:2.3:a:google:chrome:6.0.472.9
  • Google Chrome 6.0.472.6
    cpe:2.3:a:google:chrome:6.0.472.6
  • Google Chrome 6.0.472.7
    cpe:2.3:a:google:chrome:6.0.472.7
  • Google Chrome 6.0.472.4
    cpe:2.3:a:google:chrome:6.0.472.4
  • Google Chrome 6.0.472.5
    cpe:2.3:a:google:chrome:6.0.472.5
  • cpe:2.3:a:google:chrome:6.0.472.2
  • Google Chrome 6.0.472.3
    cpe:2.3:a:google:chrome:6.0.472.3
  • cpe:2.3:a:google:chrome:6.0.472.0
  • Google Chrome 6.0.472.1
    cpe:2.3:a:google:chrome:6.0.472.1
  • cpe:2.3:a:google:chrome:6.0.471.0
  • Google Chrome 6.0.470.0
    cpe:2.3:a:google:chrome:6.0.470.0
  • cpe:2.3:a:google:chrome:6.0.469.0
  • cpe:2.3:a:google:chrome:6.0.467.0
  • Google Chrome 6.0.466.6
    cpe:2.3:a:google:chrome:6.0.466.6
  • cpe:2.3:a:google:chrome:6.0.466.5
  • cpe:2.3:a:google:chrome:6.0.466.4
  • cpe:2.3:a:google:chrome:6.0.466.3
  • cpe:2.3:a:google:chrome:6.0.466.2
  • Google Chrome 6.0.466.1
    cpe:2.3:a:google:chrome:6.0.466.1
  • cpe:2.3:a:google:chrome:6.0.466.0
  • cpe:2.3:a:google:chrome:6.0.465.2
  • Google Chrome 6.0.472.44
    cpe:2.3:a:google:chrome:6.0.472.44
  • Google Chrome 6.0.472.45
    cpe:2.3:a:google:chrome:6.0.472.45
  • cpe:2.3:a:google:chrome:6.0.472.46
  • cpe:2.3:a:google:chrome:6.0.472.47
  • cpe:2.3:a:google:chrome:6.0.472.40
  • cpe:2.3:a:google:chrome:6.0.472.41
  • Google Chrome 6.0.472.42
    cpe:2.3:a:google:chrome:6.0.472.42
  • cpe:2.3:a:google:chrome:6.0.472.43
  • Google Chrome 6.0.472.36
    cpe:2.3:a:google:chrome:6.0.472.36
  • Google Chrome 6.0.472.37
    cpe:2.3:a:google:chrome:6.0.472.37
  • Google Chrome 6.0.472.38
    cpe:2.3:a:google:chrome:6.0.472.38
  • cpe:2.3:a:google:chrome:6.0.472.39
  • Google Chrome 6.0.472.32
    cpe:2.3:a:google:chrome:6.0.472.32
  • Google Chrome 6.0.472.33
    cpe:2.3:a:google:chrome:6.0.472.33
  • cpe:2.3:a:google:chrome:6.0.472.34
  • cpe:2.3:a:google:chrome:6.0.472.35
  • cpe:2.3:a:google:chrome:6.0.472.29
  • cpe:2.3:a:google:chrome:6.0.472.28
  • Google Chrome 6.0.472.31
    cpe:2.3:a:google:chrome:6.0.472.31
  • Google Chrome 6.0.472.30
    cpe:2.3:a:google:chrome:6.0.472.30
  • cpe:2.3:a:google:chrome:6.0.472.25
  • cpe:2.3:a:google:chrome:6.0.472.24
  • cpe:2.3:a:google:chrome:6.0.472.27
  • Google Chrome 6.0.472.26
    cpe:2.3:a:google:chrome:6.0.472.26
  • cpe:2.3:a:google:chrome:6.0.472.21
  • cpe:2.3:a:google:chrome:6.0.472.20
  • Google Chrome 6.0.472.23
    cpe:2.3:a:google:chrome:6.0.472.23
  • Google Chrome 6.0.472.22
    cpe:2.3:a:google:chrome:6.0.472.22
  • Google Chrome 6.0.472.17
    cpe:2.3:a:google:chrome:6.0.472.17
  • Google Chrome 6.0.472.16
    cpe:2.3:a:google:chrome:6.0.472.16
  • cpe:2.3:a:google:chrome:6.0.472.19
  • cpe:2.3:a:google:chrome:6.0.472.18
  • Google Chrome 6.0.496.0
    cpe:2.3:a:google:chrome:6.0.496.0
  • Google Chrome 6.0.495.1
    cpe:2.3:a:google:chrome:6.0.495.1
  • Google Chrome 5.0.307.5
    cpe:2.3:a:google:chrome:5.0.307.5
  • Google Chrome 5.0.307.4
    cpe:2.3:a:google:chrome:5.0.307.4
  • Google Chrome 5.0.307.7
    cpe:2.3:a:google:chrome:5.0.307.7
  • cpe:2.3:a:google:chrome:5.0.307.6
  • Google Chrome 5.0.307.9
    cpe:2.3:a:google:chrome:5.0.307.9
  • Google Chrome 5.0.307.8
    cpe:2.3:a:google:chrome:5.0.307.8
  • Google Chrome 5.0.309.0
    cpe:2.3:a:google:chrome:5.0.309.0
  • Google Chrome 5.0.308.0
    cpe:2.3:a:google:chrome:5.0.308.0
  • cpe:2.3:a:google:chrome:5.0.306.1
  • Google Chrome 5.0.306.0
    cpe:2.3:a:google:chrome:5.0.306.0
  • Google Chrome 5.0.307.10
    cpe:2.3:a:google:chrome:5.0.307.10
  • cpe:2.3:a:google:chrome:5.0.307.1
  • Google Chrome 5.0.307.3
    cpe:2.3:a:google:chrome:5.0.307.3
  • Google Chrome 5.0.307.11
    cpe:2.3:a:google:chrome:5.0.307.11
  • cpe:2.3:a:google:chrome:5.0.356.0
  • cpe:2.3:a:google:chrome:5.0.355.0
  • cpe:2.3:a:google:chrome:5.0.356.2
  • cpe:2.3:a:google:chrome:5.0.356.1
  • cpe:2.3:a:google:chrome:5.0.353.0
  • cpe:2.3:a:google:chrome:5.0.351.0
  • Google Chrome 5.0.354.1
    cpe:2.3:a:google:chrome:5.0.354.1
  • cpe:2.3:a:google:chrome:5.0.354.0
  • cpe:2.3:a:google:chrome:5.0.349.0
  • Google Chrome 5.0.348.0
    cpe:2.3:a:google:chrome:5.0.348.0
  • cpe:2.3:a:google:chrome:5.0.350.1
  • cpe:2.3:a:google:chrome:5.0.350.0
  • cpe:2.3:a:google:chrome:5.0.345.0
  • Google Chrome 5.0.344.0
    cpe:2.3:a:google:chrome:5.0.344.0
  • cpe:2.3:a:google:chrome:5.0.347.0
  • cpe:2.3:a:google:chrome:5.0.346.0
  • Google Chrome 5.0.342.7
    cpe:2.3:a:google:chrome:5.0.342.7
  • cpe:2.3:a:google:chrome:5.0.342.8
  • Google Chrome 5.0.342.9
    cpe:2.3:a:google:chrome:5.0.342.9
  • cpe:2.3:a:google:chrome:5.0.343.0
  • cpe:2.3:a:google:chrome:5.0.342.3
  • cpe:2.3:a:google:chrome:5.0.342.4
  • Google Chrome 5.0.342.5
    cpe:2.3:a:google:chrome:5.0.342.5
  • cpe:2.3:a:google:chrome:5.0.342.6
  • Google Chrome 5.0.341.0
    cpe:2.3:a:google:chrome:5.0.341.0
  • Google Chrome 5.0.342.0
    cpe:2.3:a:google:chrome:5.0.342.0
  • Google Chrome 5.0.342.1
    cpe:2.3:a:google:chrome:5.0.342.1
  • cpe:2.3:a:google:chrome:5.0.342.2
  • Google Chrome 5.0.337.0
    cpe:2.3:a:google:chrome:5.0.337.0
  • cpe:2.3:a:google:chrome:5.0.338.0
  • Google Chrome 5.0.339.0
    cpe:2.3:a:google:chrome:5.0.339.0
  • Google Chrome 5.0.340.0
    cpe:2.3:a:google:chrome:5.0.340.0
  • Google Chrome 5.0.336.0
    cpe:2.3:a:google:chrome:5.0.336.0
  • cpe:2.3:a:google:chrome:5.0.335.4
  • cpe:2.3:a:google:chrome:5.0.335.3
  • Google Chrome 5.0.335.2
    cpe:2.3:a:google:chrome:5.0.335.2
  • Google Chrome 5.0.335.1
    cpe:2.3:a:google:chrome:5.0.335.1
  • cpe:2.3:a:google:chrome:5.0.335.0
  • Google Chrome 5.0.334.0
    cpe:2.3:a:google:chrome:5.0.334.0
  • Google Chrome 5.0.333.0
    cpe:2.3:a:google:chrome:5.0.333.0
  • Google Chrome 5.0.332.0
    cpe:2.3:a:google:chrome:5.0.332.0
  • Google Chrome 5.0.330.0
    cpe:2.3:a:google:chrome:5.0.330.0
  • Google Chrome 5.0.329.0
    cpe:2.3:a:google:chrome:5.0.329.0
  • cpe:2.3:a:google:chrome:5.0.328.0
  • cpe:2.3:a:google:chrome:5.0.327.0
  • cpe:2.3:a:google:chrome:5.0.326.0
  • cpe:2.3:a:google:chrome:5.0.325.0
  • Google Chrome 5.0.324.0
    cpe:2.3:a:google:chrome:5.0.324.0
  • cpe:2.3:a:google:chrome:5.0.322.2
  • cpe:2.3:a:google:chrome:5.0.323.0
  • cpe:2.3:a:google:chrome:5.0.322.0
  • cpe:2.3:a:google:chrome:5.0.322.1
  • Google Chrome 5.0.320.0
    cpe:2.3:a:google:chrome:5.0.320.0
  • cpe:2.3:a:google:chrome:5.0.321.0
  • cpe:2.3:a:google:chrome:5.0.318.0
  • cpe:2.3:a:google:chrome:5.0.319.0
  • Google Chrome 5.0.317.1
    cpe:2.3:a:google:chrome:5.0.317.1
  • cpe:2.3:a:google:chrome:5.0.317.2
  • Google Chrome 5.0.316.0
    cpe:2.3:a:google:chrome:5.0.316.0
  • cpe:2.3:a:google:chrome:5.0.317.0
  • cpe:2.3:a:google:chrome:5.0.314.1
  • cpe:2.3:a:google:chrome:5.0.315.0
  • Google Chrome 5.0.313.0
    cpe:2.3:a:google:chrome:5.0.313.0
  • cpe:2.3:a:google:chrome:5.0.314.0
  • cpe:2.3:a:google:chrome:5.0.358.0
  • cpe:2.3:a:google:chrome:5.0.357.0
  • cpe:2.3:a:google:chrome:5.0.360.0
  • Google Chrome 5.0.359.0
    cpe:2.3:a:google:chrome:5.0.359.0
  • Google Chrome 5.0.360.4
    cpe:2.3:a:google:chrome:5.0.360.4
  • cpe:2.3:a:google:chrome:5.0.360.3
  • Google Chrome 5.0.361.0
    cpe:2.3:a:google:chrome:5.0.361.0
  • cpe:2.3:a:google:chrome:5.0.360.5
  • cpe:2.3:a:google:chrome:5.0.363.0
  • Google Chrome 5.0.362.0
    cpe:2.3:a:google:chrome:5.0.362.0
  • cpe:2.3:a:google:chrome:5.0.365.0
  • Google Chrome 5.0.364.0
    cpe:2.3:a:google:chrome:5.0.364.0
  • cpe:2.3:a:google:chrome:5.0.366.1
  • Google Chrome 5.0.366.0
    cpe:2.3:a:google:chrome:5.0.366.0
  • cpe:2.3:a:google:chrome:5.0.366.3
  • cpe:2.3:a:google:chrome:5.0.366.2
  • cpe:2.3:a:google:chrome:5.0.366.4
  • Google Chrome 5.0.367.0
    cpe:2.3:a:google:chrome:5.0.367.0
  • Google Chrome 5.0.368.0
    cpe:2.3:a:google:chrome:5.0.368.0
  • Google Chrome 5.0.369.0
    cpe:2.3:a:google:chrome:5.0.369.0
  • cpe:2.3:a:google:chrome:5.0.369.1
  • Google Chrome 5.0.369.2
    cpe:2.3:a:google:chrome:5.0.369.2
  • cpe:2.3:a:google:chrome:5.0.375.84
  • cpe:2.3:a:google:chrome:5.0.375.85
  • cpe:2.3:a:google:chrome:5.0.375.86
  • Google Chrome 5.0.375.87
    cpe:2.3:a:google:chrome:5.0.375.87
  • cpe:2.3:a:google:chrome:5.0.375.80
  • Google Chrome 5.0.375.81
    cpe:2.3:a:google:chrome:5.0.375.81
  • cpe:2.3:a:google:chrome:5.0.375.82
  • cpe:2.3:a:google:chrome:5.0.375.83
  • Google Chrome 5.0.375.76
    cpe:2.3:a:google:chrome:5.0.375.76
  • Google Chrome 5.0.375.77
    cpe:2.3:a:google:chrome:5.0.375.77
  • Google Chrome 5.0.375.78
    cpe:2.3:a:google:chrome:5.0.375.78
  • cpe:2.3:a:google:chrome:5.0.375.79
  • cpe:2.3:a:google:chrome:5.0.375.72
  • cpe:2.3:a:google:chrome:5.0.375.73
  • Google Chrome 5.0.375.74
    cpe:2.3:a:google:chrome:5.0.375.74
  • Google Chrome 5.0.375.75
    cpe:2.3:a:google:chrome:5.0.375.75
  • Google Chrome 5.0.375.54
    cpe:2.3:a:google:chrome:5.0.375.54
  • Google Chrome 5.0.375.92
    cpe:2.3:a:google:chrome:5.0.375.92
  • cpe:2.3:a:google:chrome:5.0.375.89
  • Google Chrome 5.0.375.88
    cpe:2.3:a:google:chrome:5.0.375.88
  • cpe:2.3:a:google:chrome:5.0.375.91
  • Google Chrome 5.0.375.90
    cpe:2.3:a:google:chrome:5.0.375.90
  • Google Chrome 5.0.375.125
    cpe:2.3:a:google:chrome:5.0.375.125
  • Google Chrome 5.0.375.71
    cpe:2.3:a:google:chrome:5.0.375.71
  • cpe:2.3:a:google:chrome:5.0.375.50
  • cpe:2.3:a:google:chrome:5.0.375.70
  • cpe:2.3:a:google:chrome:5.0.375.51
  • cpe:2.3:a:google:chrome:5.0.375.52
  • Google Chrome 5.0.375.53
    cpe:2.3:a:google:chrome:5.0.375.53
  • Google Chrome 5.0.375.46
    cpe:2.3:a:google:chrome:5.0.375.46
  • Google Chrome 5.0.375.47
    cpe:2.3:a:google:chrome:5.0.375.47
  • Google Chrome 5.0.375.48
    cpe:2.3:a:google:chrome:5.0.375.48
  • Google Chrome 5.0.375.49
    cpe:2.3:a:google:chrome:5.0.375.49
  • cpe:2.3:a:google:chrome:5.0.375.42
  • cpe:2.3:a:google:chrome:5.0.375.43
  • Google Chrome 5.0.375.44
    cpe:2.3:a:google:chrome:5.0.375.44
  • cpe:2.3:a:google:chrome:5.0.375.45
  • cpe:2.3:a:google:chrome:5.0.375.39
  • Google Chrome 5.0.375.40
    cpe:2.3:a:google:chrome:5.0.375.40
  • Google Chrome 5.0.375.41
    cpe:2.3:a:google:chrome:5.0.375.41
  • Google Chrome 5.0.375.8
    cpe:2.3:a:google:chrome:5.0.375.8
  • Google Chrome 5.0.375.7
    cpe:2.3:a:google:chrome:5.0.375.7
  • cpe:2.3:a:google:chrome:5.0.375.6
  • Google Chrome 5.0.375.5
    cpe:2.3:a:google:chrome:5.0.375.5
  • Google Chrome 5.0.375.12
    cpe:2.3:a:google:chrome:5.0.375.12
  • cpe:2.3:a:google:chrome:5.0.375.11
  • Google Chrome 5.0.375.10
    cpe:2.3:a:google:chrome:5.0.375.10
  • cpe:2.3:a:google:chrome:5.0.375.9
  • Google Chrome 5.0.375.16
    cpe:2.3:a:google:chrome:5.0.375.16
  • Google Chrome 5.0.375.15
    cpe:2.3:a:google:chrome:5.0.375.15
  • cpe:2.3:a:google:chrome:5.0.375.14
  • Google Chrome 5.0.375.13
    cpe:2.3:a:google:chrome:5.0.375.13
  • cpe:2.3:a:google:chrome:5.0.375.20
  • Google Chrome 5.0.375.19
    cpe:2.3:a:google:chrome:5.0.375.19
  • Google Chrome 5.0.375.18
    cpe:2.3:a:google:chrome:5.0.375.18
  • Google Chrome 5.0.375.17
    cpe:2.3:a:google:chrome:5.0.375.17
  • Google Chrome 5.0.375.23
    cpe:2.3:a:google:chrome:5.0.375.23
  • cpe:2.3:a:google:chrome:5.0.375.127
  • cpe:2.3:a:google:chrome:5.0.375.25
  • Google Chrome 5.0.375.21
    cpe:2.3:a:google:chrome:5.0.375.21
  • cpe:2.3:a:google:chrome:5.0.375.22
  • Google Chrome 5.0.375.28
    cpe:2.3:a:google:chrome:5.0.375.28
  • cpe:2.3:a:google:chrome:5.0.375.29
  • cpe:2.3:a:google:chrome:5.0.375.26
  • Google Chrome 5.0.375.27
    cpe:2.3:a:google:chrome:5.0.375.27
  • Google Chrome 5.0.375.32
    cpe:2.3:a:google:chrome:5.0.375.32
  • Google Chrome 5.0.375.33
    cpe:2.3:a:google:chrome:5.0.375.33
  • cpe:2.3:a:google:chrome:5.0.375.30
  • Google Chrome 5.0.375.31
    cpe:2.3:a:google:chrome:5.0.375.31
  • cpe:2.3:a:google:chrome:5.0.375.36
  • cpe:2.3:a:google:chrome:5.0.375.37
  • Google Chrome 5.0.375.34
    cpe:2.3:a:google:chrome:5.0.375.34
  • Google Chrome 5.0.375.35
    cpe:2.3:a:google:chrome:5.0.375.35
  • cpe:2.3:a:google:chrome:5.0.375.126
  • cpe:2.3:a:google:chrome:5.0.370.0
  • cpe:2.3:a:google:chrome:5.0.371.0
  • Google Chrome 5.0.375.65
    cpe:2.3:a:google:chrome:5.0.375.65
  • Google Chrome 5.0.372.0
    cpe:2.3:a:google:chrome:5.0.372.0
  • Google Chrome 5.0.375.66
    cpe:2.3:a:google:chrome:5.0.375.66
  • Google Chrome 5.0.373.0
    cpe:2.3:a:google:chrome:5.0.373.0
  • cpe:2.3:a:google:chrome:5.0.375.63
  • Google Chrome 5.0.374.0
    cpe:2.3:a:google:chrome:5.0.374.0
  • Google Chrome 5.0.375.64
    cpe:2.3:a:google:chrome:5.0.375.64
  • cpe:2.3:a:google:chrome:5.0.375.0
  • Google Chrome 5.0.375.69
    cpe:2.3:a:google:chrome:5.0.375.69
  • Google Chrome 5.0.375.1
    cpe:2.3:a:google:chrome:5.0.375.1
  • cpe:2.3:a:google:chrome:5.0.375.2
  • cpe:2.3:a:google:chrome:5.0.375.67
  • Google Chrome 5.0.375.3
    cpe:2.3:a:google:chrome:5.0.375.3
  • cpe:2.3:a:google:chrome:5.0.375.68
  • Google Chrome 5.0.375.4
    cpe:2.3:a:google:chrome:5.0.375.4
  • Google Chrome 5.0.375.60
    cpe:2.3:a:google:chrome:5.0.375.60
  • Google Chrome 5.0.375.59
    cpe:2.3:a:google:chrome:5.0.375.59
  • cpe:2.3:a:google:chrome:5.0.375.62
  • Google Chrome 5.0.375.61
    cpe:2.3:a:google:chrome:5.0.375.61
  • cpe:2.3:a:google:chrome:5.0.375.56
  • cpe:2.3:a:google:chrome:5.0.375.55
  • Google Chrome 5.0.375.58
    cpe:2.3:a:google:chrome:5.0.375.58
  • cpe:2.3:a:google:chrome:5.0.375.57
  • cpe:2.3:a:google:chrome:5.0.375.38
  • cpe:2.3:a:google:chrome:5.0.375.97
  • cpe:2.3:a:google:chrome:5.0.375.96
  • Google Chrome 5.0.375.99
    cpe:2.3:a:google:chrome:5.0.375.99
  • cpe:2.3:a:google:chrome:5.0.375.98
  • Google Chrome 5.0.375.93
    cpe:2.3:a:google:chrome:5.0.375.93
  • cpe:2.3:a:google:chrome:5.0.375.95
  • Google Chrome 5.0.375.94
    cpe:2.3:a:google:chrome:5.0.375.94
  • Google Chrome 5.0.381.0
    cpe:2.3:a:google:chrome:5.0.381.0
  • Google Chrome 5.0.380.0
    cpe:2.3:a:google:chrome:5.0.380.0
  • Google Chrome 5.0.382.3
    cpe:2.3:a:google:chrome:5.0.382.3
  • Google Chrome 5.0.382.0
    cpe:2.3:a:google:chrome:5.0.382.0
  • cpe:2.3:a:google:chrome:5.0.376.0
  • cpe:2.3:a:google:chrome:5.0.379.0
  • cpe:2.3:a:google:chrome:5.0.378.0
  • cpe:2.3:a:google:chrome:5.0.390.0
  • cpe:2.3:a:google:chrome:5.0.387.0
  • Google Chrome 5.0.392.0
    cpe:2.3:a:google:chrome:5.0.392.0
  • Google Chrome 5.0.391.0
    cpe:2.3:a:google:chrome:5.0.391.0
  • cpe:2.3:a:google:chrome:5.0.384.0
  • cpe:2.3:a:google:chrome:5.0.383.0
  • cpe:2.3:a:google:chrome:5.0.386.0
  • Google Chrome 5.0.385.0
    cpe:2.3:a:google:chrome:5.0.385.0
  • Google Chrome 5.0.393.0
    cpe:2.3:a:google:chrome:5.0.393.0
  • cpe:2.3:a:google:chrome:5.0.394.0
  • Google Chrome 5.0.395.0
    cpe:2.3:a:google:chrome:5.0.395.0
  • cpe:2.3:a:google:chrome:5.0.396.0
  • Google Chrome 4.0.249.60
    cpe:2.3:a:google:chrome:4.0.249.60
  • cpe:2.3:a:google:chrome:4.0.244.0
  • Google Chrome 4.0.249.0
    cpe:2.3:a:google:chrome:4.0.249.0
  • cpe:2.3:a:google:chrome:4.0.243.0
  • Google Chrome 4.0.242.0
    cpe:2.3:a:google:chrome:4.0.242.0
  • cpe:2.3:a:google:chrome:4.0.241.0
  • Google Chrome 4.0.240.0
    cpe:2.3:a:google:chrome:4.0.240.0
  • Google Chrome 4.0.239.0
    cpe:2.3:a:google:chrome:4.0.239.0
  • Google Chrome 4.0.237.0
    cpe:2.3:a:google:chrome:4.0.237.0
  • cpe:2.3:a:google:chrome:4.0.237.1
  • cpe:2.3:a:google:chrome:4.0.236.0
  • Google Chrome 4.0.235.0
    cpe:2.3:a:google:chrome:4.0.235.0
  • Google Chrome 4.0.229.1
    cpe:2.3:a:google:chrome:4.0.229.1
  • cpe:2.3:a:google:chrome:4.0.224.0
  • Google Chrome 4.0.223.9
    cpe:2.3:a:google:chrome:4.0.223.9
  • cpe:2.3:a:google:chrome:4.0.223.8
  • Google Chrome 4.0.223.7
    cpe:2.3:a:google:chrome:4.0.223.7
  • cpe:2.3:a:google:chrome:4.0.223.5
  • cpe:2.3:a:google:chrome:4.0.223.4
  • Google Chrome 4.0.223.1
    cpe:2.3:a:google:chrome:4.0.223.1
  • Google Chrome 4.0.223.2
    cpe:2.3:a:google:chrome:4.0.223.2
  • cpe:2.3:a:google:chrome:4.0.222.0
  • Google Chrome 4.0.223.0
    cpe:2.3:a:google:chrome:4.0.223.0
  • Google Chrome 4.0.222.12
    cpe:2.3:a:google:chrome:4.0.222.12
  • Google Chrome 4.0.222.5
    cpe:2.3:a:google:chrome:4.0.222.5
  • cpe:2.3:a:google:chrome:4.0.221.8
  • Google Chrome 4.0.222.1
    cpe:2.3:a:google:chrome:4.0.222.1
  • Google Chrome 4.0.212.0
    cpe:2.3:a:google:chrome:4.0.212.0
  • cpe:2.3:a:google:chrome:4.0.212.1
  • Google Chrome 4.0.249.21
    cpe:2.3:a:google:chrome:4.0.249.21
  • Google Chrome 4.0.249.22
    cpe:2.3:a:google:chrome:4.0.249.22
  • cpe:2.3:a:google:chrome:4.0.249.23
  • cpe:2.3:a:google:chrome:4.0.249.24
  • Google Chrome 4.0.249.25
    cpe:2.3:a:google:chrome:4.0.249.25
  • Google Chrome 4.0.249.26
    cpe:2.3:a:google:chrome:4.0.249.26
  • cpe:2.3:a:google:chrome:4.0.249.27
  • cpe:2.3:a:google:chrome:4.0.249.28
  • Google Chrome 4.0.249.29
    cpe:2.3:a:google:chrome:4.0.249.29
  • cpe:2.3:a:google:chrome:4.0.249.30
  • Google Chrome 4.0.249.31
    cpe:2.3:a:google:chrome:4.0.249.31
  • Google Chrome 4.0.249.32
    cpe:2.3:a:google:chrome:4.0.249.32
  • cpe:2.3:a:google:chrome:4.0.249.33
  • Google Chrome 4.0.249.34
    cpe:2.3:a:google:chrome:4.0.249.34
  • cpe:2.3:a:google:chrome:4.0.249.35
  • Google Chrome 4.0.249.36
    cpe:2.3:a:google:chrome:4.0.249.36
  • cpe:2.3:a:google:chrome:4.0.245.1
  • cpe:2.3:a:google:chrome:4.0.245.0
  • cpe:2.3:a:google:chrome:4.0.247.0
  • cpe:2.3:a:google:chrome:4.0.246.0
  • Google Chrome 4.0.249.1
    cpe:2.3:a:google:chrome:4.0.249.1
  • Google Chrome 4.0.248.0
    cpe:2.3:a:google:chrome:4.0.248.0
  • Google Chrome 4.0.249.11
    cpe:2.3:a:google:chrome:4.0.249.11
  • cpe:2.3:a:google:chrome:4.0.249.10
  • Google Chrome 4.0.249.14
    cpe:2.3:a:google:chrome:4.0.249.14
  • Google Chrome 4.0.249.12
    cpe:2.3:a:google:chrome:4.0.249.12
  • cpe:2.3:a:google:chrome:4.0.249.17
  • Google Chrome 4.0.249.16
    cpe:2.3:a:google:chrome:4.0.249.16
  • Google Chrome 4.0.249.19
    cpe:2.3:a:google:chrome:4.0.249.19
  • cpe:2.3:a:google:chrome:4.0.249.18
  • Google Chrome 4.0.249.20
    cpe:2.3:a:google:chrome:4.0.249.20
  • cpe:2.3:a:google:chrome:4.0.249.2
  • Google Chrome 4.0.249.52
    cpe:2.3:a:google:chrome:4.0.249.52
  • cpe:2.3:a:google:chrome:4.0.249.53
  • cpe:2.3:a:google:chrome:4.0.249.50
  • cpe:2.3:a:google:chrome:4.0.249.51
  • cpe:2.3:a:google:chrome:4.0.249.56
  • cpe:2.3:a:google:chrome:4.0.249.57
  • cpe:2.3:a:google:chrome:4.0.249.54
  • cpe:2.3:a:google:chrome:4.0.249.55
  • cpe:2.3:a:google:chrome:4.0.249.6
  • cpe:2.3:a:google:chrome:4.0.249.61
  • Google Chrome 4.0.249.58
    cpe:2.3:a:google:chrome:4.0.249.58
  • cpe:2.3:a:google:chrome:4.0.249.59
  • Google Chrome 4.0.249.64
    cpe:2.3:a:google:chrome:4.0.249.64
  • cpe:2.3:a:google:chrome:4.0.249.65
  • Google Chrome 4.0.249.62
    cpe:2.3:a:google:chrome:4.0.249.62
  • cpe:2.3:a:google:chrome:4.0.249.63
  • Google Chrome 4.0.249.3
    cpe:2.3:a:google:chrome:4.0.249.3
  • cpe:2.3:a:google:chrome:4.0.249.39
  • Google Chrome 4.0.249.38
    cpe:2.3:a:google:chrome:4.0.249.38
  • Google Chrome 4.0.249.37
    cpe:2.3:a:google:chrome:4.0.249.37
  • Google Chrome 4.0.249.42
    cpe:2.3:a:google:chrome:4.0.249.42
  • Google Chrome 4.0.249.41
    cpe:2.3:a:google:chrome:4.0.249.41
  • Google Chrome 4.0.249.40
    cpe:2.3:a:google:chrome:4.0.249.40
  • cpe:2.3:a:google:chrome:4.0.249.4
  • Google Chrome 4.0.249.46
    cpe:2.3:a:google:chrome:4.0.249.46
  • Google Chrome 4.0.249.45
    cpe:2.3:a:google:chrome:4.0.249.45
  • Google Chrome 4.0.249.44
    cpe:2.3:a:google:chrome:4.0.249.44
  • Google Chrome 4.0.249.43
    cpe:2.3:a:google:chrome:4.0.249.43
  • Google Chrome 4.0.249.5
    cpe:2.3:a:google:chrome:4.0.249.5
  • Google Chrome 4.0.249.49
    cpe:2.3:a:google:chrome:4.0.249.49
  • Google Chrome 4.0.249.48
    cpe:2.3:a:google:chrome:4.0.249.48
  • Google Chrome 4.0.249.47
    cpe:2.3:a:google:chrome:4.0.249.47
  • cpe:2.3:a:google:chrome:4.0.249.70
  • Google Chrome 4.0.249.7
    cpe:2.3:a:google:chrome:4.0.249.7
  • Google Chrome 4.0.249.71
    cpe:2.3:a:google:chrome:4.0.249.71
  • cpe:2.3:a:google:chrome:4.0.249.67
  • Google Chrome 4.0.249.66
    cpe:2.3:a:google:chrome:4.0.249.66
  • Google Chrome 4.0.249.69
    cpe:2.3:a:google:chrome:4.0.249.69
  • Google Chrome 4.0.249.68
    cpe:2.3:a:google:chrome:4.0.249.68
  • cpe:2.3:a:google:chrome:4.0.304.0
  • Google Chrome 4.0.305.0
    cpe:2.3:a:google:chrome:4.0.305.0
  • cpe:2.3:a:google:chrome:4.0.249.78
  • Google Chrome 4.0.249.78:beta
    cpe:2.3:a:google:chrome:4.0.249.78:beta
  • Google Chrome 4.0.249.89
    cpe:2.3:a:google:chrome:4.0.249.89
  • cpe:2.3:a:google:chrome:4.0.250.2
  • cpe:2.3:a:google:chrome:4.0.251.0
  • Google Chrome 4.0.252.0
    cpe:2.3:a:google:chrome:4.0.252.0
  • Google Chrome 4.0.254.0
    cpe:2.3:a:google:chrome:4.0.254.0
  • cpe:2.3:a:google:chrome:4.0.249.80
  • Google Chrome 4.0.249.81
    cpe:2.3:a:google:chrome:4.0.249.81
  • cpe:2.3:a:google:chrome:4.0.249.82
  • Google Chrome 4.0.250.0
    cpe:2.3:a:google:chrome:4.0.250.0
  • Google Chrome 4.0.259.0
    cpe:2.3:a:google:chrome:4.0.259.0
  • cpe:2.3:a:google:chrome:4.0.260.0
  • Google Chrome 4.0.261.0
    cpe:2.3:a:google:chrome:4.0.261.0
  • Google Chrome 4.0.262.0
    cpe:2.3:a:google:chrome:4.0.262.0
  • cpe:2.3:a:google:chrome:4.0.255.0
  • Google Chrome 4.0.256.0
    cpe:2.3:a:google:chrome:4.0.256.0
  • cpe:2.3:a:google:chrome:4.0.257.0
  • cpe:2.3:a:google:chrome:4.0.258.0
  • Google Chrome 4.0.249.72
    cpe:2.3:a:google:chrome:4.0.249.72
  • Google Chrome 4.0.249.79
    cpe:2.3:a:google:chrome:4.0.249.79
  • cpe:2.3:a:google:chrome:4.0.249.77
  • cpe:2.3:a:google:chrome:4.0.249.8
  • Google Chrome 4.0.249.9
    cpe:2.3:a:google:chrome:4.0.249.9
  • cpe:2.3:a:google:chrome:4.0.249.74
  • Google Chrome 4.0.249.73
    cpe:2.3:a:google:chrome:4.0.249.73
  • Google Chrome 4.0.249.76
    cpe:2.3:a:google:chrome:4.0.249.76
  • cpe:2.3:a:google:chrome:4.0.249.75
  • cpe:2.3:a:google:chrome:4.0.295.0
  • cpe:2.3:a:google:chrome:4.0.296.0
  • cpe:2.3:a:google:chrome:4.0.292.0
  • Google Chrome 4.0.294.0
    cpe:2.3:a:google:chrome:4.0.294.0
  • cpe:2.3:a:google:chrome:4.0.289.0
  • cpe:2.3:a:google:chrome:4.0.290.0
  • cpe:2.3:a:google:chrome:4.0.288.0
  • cpe:2.3:a:google:chrome:4.0.288.1
  • cpe:2.3:a:google:chrome:4.0.302.3
  • cpe:2.3:a:google:chrome:4.0.303.0
  • Google Chrome 4.0.302.1
    cpe:2.3:a:google:chrome:4.0.302.1
  • cpe:2.3:a:google:chrome:4.0.302.2
  • cpe:2.3:a:google:chrome:4.0.301.0
  • Google Chrome 4.0.302.0
    cpe:2.3:a:google:chrome:4.0.302.0
  • Google Chrome 4.0.299.0
    cpe:2.3:a:google:chrome:4.0.299.0
  • cpe:2.3:a:google:chrome:4.0.300.0
  • Google Chrome 4.0.271.0
    cpe:2.3:a:google:chrome:4.0.271.0
  • Google Chrome 4.0.269.0
    cpe:2.3:a:google:chrome:4.0.269.0
  • cpe:2.3:a:google:chrome:4.0.268.0
  • cpe:2.3:a:google:chrome:4.0.267.0
  • Google Chrome 4.0.266.0
    cpe:2.3:a:google:chrome:4.0.266.0
  • Google Chrome 4.0.265.0
    cpe:2.3:a:google:chrome:4.0.265.0
  • cpe:2.3:a:google:chrome:4.0.264.0
  • cpe:2.3:a:google:chrome:4.0.263.0
  • cpe:2.3:a:google:chrome:4.0.287.0
  • Google Chrome 4.0.286.0
    cpe:2.3:a:google:chrome:4.0.286.0
  • Google Chrome 4.0.278.0
    cpe:2.3:a:google:chrome:4.0.278.0
  • Google Chrome 4.0.277.0
    cpe:2.3:a:google:chrome:4.0.277.0
  • Google Chrome 4.0.276.0
    cpe:2.3:a:google:chrome:4.0.276.0
  • cpe:2.3:a:google:chrome:4.0.275.1
  • Google Chrome 4.0.275.0
    cpe:2.3:a:google:chrome:4.0.275.0
  • cpe:2.3:a:google:chrome:4.0.272.0
  • Google Chrome 3.0.195.24
    cpe:2.3:a:google:chrome:3.0.195.24
  • cpe:2.3:a:google:chrome:3.0.193.2:beta
  • Google Chrome 3.0.195.33
    cpe:2.3:a:google:chrome:3.0.195.33
  • Google Chrome 3.0.195.32
    cpe:2.3:a:google:chrome:3.0.195.32
  • Google Chrome 3.0.195.21
    cpe:2.3:a:google:chrome:3.0.195.21
  • cpe:2.3:a:google:chrome:3.0.182.2
  • Google Chrome 3.0.190.2
    cpe:2.3:a:google:chrome:3.0.190.2
  • Google Chrome 3.0.195.37
    cpe:2.3:a:google:chrome:3.0.195.37
  • Google Chrome 3.0.195.38
    cpe:2.3:a:google:chrome:3.0.195.38
  • Google Chrome 3.0.195.27
    cpe:2.3:a:google:chrome:3.0.195.27
  • cpe:2.3:a:google:chrome:3.0.195.36
  • Google Chrome 3.0.195.2
    cpe:2.3:a:google:chrome:3.0.195.2
  • Google Chrome 3.0.195.25
    cpe:2.3:a:google:chrome:3.0.195.25
  • cpe:2.3:a:google:chrome:2.0.172.28
  • cpe:2.3:a:google:chrome:2.0.172.38
  • cpe:2.3:a:google:chrome:2.0.172.8
  • cpe:2.3:a:google:chrome:2.0.172.2
  • cpe:2.3:a:google:chrome:2.0.172.27
  • cpe:2.3:a:google:chrome:2.0.172
  • cpe:2.3:a:google:chrome:2.0.157.0
  • Google Chrome 2.0.157.2
    cpe:2.3:a:google:chrome:2.0.157.2
  • Google Chrome 2.0.156.1
    cpe:2.3:a:google:chrome:2.0.156.1
  • Google Chrome 2.0.172.31
    cpe:2.3:a:google:chrome:2.0.172.31
  • Google Chrome 2.0.172.30
    cpe:2.3:a:google:chrome:2.0.172.30
  • cpe:2.3:a:google:chrome:2.0.172.33
  • cpe:2.3:a:google:chrome:2.0.169.1
  • cpe:2.3:a:google:chrome:2.0.170.0
  • Google Chrome 2.0.158.0
    cpe:2.3:a:google:chrome:2.0.158.0
  • cpe:2.3:a:google:chrome:2.0.169.0
  • Google Chrome 2.0.159.0
    cpe:2.3:a:google:chrome:2.0.159.0
  • Google Chrome 2.0.172.37
    cpe:2.3:a:google:chrome:2.0.172.37
  • cpe:2.3:a:google:chrome:1.0.154.36
  • cpe:2.3:a:google:chrome:1.0.154.48
  • Google Chrome 1.0.154.64
    cpe:2.3:a:google:chrome:1.0.154.64
  • Google Chrome 1.0.154.43
    cpe:2.3:a:google:chrome:1.0.154.43
  • cpe:2.3:a:google:chrome:1.0.154.59
  • Google Chrome 1.0.154.53
    cpe:2.3:a:google:chrome:1.0.154.53
  • cpe:2.3:a:google:chrome:1.0.154.46
  • cpe:2.3:a:google:chrome:1.0.154.39
  • cpe:2.3:a:google:chrome:1.0.154.42
  • Google Chrome 1.0.154.65
    cpe:2.3:a:google:chrome:1.0.154.65
  • cpe:2.3:a:google:chrome:1.0.154.52
  • Google Chrome 0.1.42.2
    cpe:2.3:a:google:chrome:0.1.42.2
  • cpe:2.3:a:google:chrome:0.1.42.3
  • Google Chrome 0.1.38.1
    cpe:2.3:a:google:chrome:0.1.38.1
  • Google Chrome 0.1.38.2
    cpe:2.3:a:google:chrome:0.1.38.2
  • Google Chrome 0.1.38.4
    cpe:2.3:a:google:chrome:0.1.38.4
  • cpe:2.3:a:google:chrome:0.1.40.1
  • Google Chrome 0.3.154.3
    cpe:2.3:a:google:chrome:0.3.154.3
  • Google Chrome 0.4.154.18
    cpe:2.3:a:google:chrome:0.4.154.18
  • Google Chrome 0.2.153.1
    cpe:2.3:a:google:chrome:0.2.153.1
  • cpe:2.3:a:google:chrome:0.3.154.0
  • cpe:2.3:a:google:chrome:0.2.152.1
  • Google Chrome 0.4.154.31
    cpe:2.3:a:google:chrome:0.4.154.31
  • Google Chrome 0.4.154.22
    cpe:2.3:a:google:chrome:0.4.154.22
  • Google Chrome 0.4.154.33
    cpe:2.3:a:google:chrome:0.4.154.33
  • Google Chrome 0.2.149.27
    cpe:2.3:a:google:chrome:0.2.149.27
  • cpe:2.3:a:google:chrome:0.2.149.29
  • Google Chrome 0.2.149.30
    cpe:2.3:a:google:chrome:0.2.149.30
  • Apple Safari 5.0.1
    cpe:2.3:a:apple:safari:5.0.1
  • Apple Safari 5.0.2
    cpe:2.3:a:apple:safari:5.0.2
  • Apple Safari 5.0
    cpe:2.3:a:apple:safari:5.0
  • Apple Safari 4.0.1
    cpe:2.3:a:apple:safari:4.0.1
  • Apple Safari 4.0.2
    cpe:2.3:a:apple:safari:4.0.2
  • Apple Safari 4.0.3
    cpe:2.3:a:apple:safari:4.0.3
  • Apple Safari 4.0.4
    cpe:2.3:a:apple:safari:4.0.4
  • Apple Safari 4.0.5
    cpe:2.3:a:apple:safari:4.0.5
  • Apple Safari 4.0.0b
    cpe:2.3:a:apple:safari:4.0.0b
  • Apple Safari 4.0
    cpe:2.3:a:apple:safari:4.0
  • Apple Safari 4 Beta
    cpe:2.3:a:apple:safari:4.0:beta
  • Apple Safari 4.1
    cpe:2.3:a:apple:safari:4.1
  • Apple Safari 4.1.1
    cpe:2.3:a:apple:safari:4.1.1
  • Apple Safari 4.1.2
    cpe:2.3:a:apple:safari:4.1.2
  • Apple Safari 3
    cpe:2.3:a:apple:safari:3
  • Apple Safari 3.0
    cpe:2.3:a:apple:safari:3.0
  • Apple Safari 3.0.0
    cpe:2.3:a:apple:safari:3.0.0
  • Apple Safari 3.0.0b
    cpe:2.3:a:apple:safari:3.0.0b
  • Apple Safari 3.0.1
    cpe:2.3:a:apple:safari:3.0.1
  • Apple Safari 3.0.1 Beta
    cpe:2.3:a:apple:safari:3.0.1:beta
  • Apple Safari 3.0.1b
    cpe:2.3:a:apple:safari:3.0.1b
  • Apple Safari 3.0.2
    cpe:2.3:a:apple:safari:3.0.2
  • Apple Safari 3.0.2b
    cpe:2.3:a:apple:safari:3.0.2b
  • Apple Safari 3.0.3
    cpe:2.3:a:apple:safari:3.0.3
  • Apple Safari 3.0.3b
    cpe:2.3:a:apple:safari:3.0.3b
  • Apple Safari 3.0.4
    cpe:2.3:a:apple:safari:3.0.4
  • Apple Safari 3.0.4b
    cpe:2.3:a:apple:safari:3.0.4b
  • Apple Safari 3.1.0
    cpe:2.3:a:apple:safari:3.1.0
  • Apple Safari 3.1.0b
    cpe:2.3:a:apple:safari:3.1.0b
  • Apple Safari 3.1.1
    cpe:2.3:a:apple:safari:3.1.1
  • Apple Safari 3.1.2
    cpe:2.3:a:apple:safari:3.1.2
  • Apple Safari 3.2.0
    cpe:2.3:a:apple:safari:3.2.0
  • Apple Safari 3.2.1
    cpe:2.3:a:apple:safari:3.2.1
  • Apple Safari 3.2.2
    cpe:2.3:a:apple:safari:3.2.2
  • Apple Safari 2.0.4
    cpe:2.3:a:apple:safari:2.0.4
  • Apple Safari 2.0.3 417.9.3
    cpe:2.3:a:apple:safari:2.0.3:417.9.3
  • Apple Safari 2.0.3 417.9.2
    cpe:2.3:a:apple:safari:2.0.3:417.9.2
  • Apple Safari 2.0.3 417.9
    cpe:2.3:a:apple:safari:2.0.3:417.9
  • Apple Safari 2.0.3 417.8
    cpe:2.3:a:apple:safari:2.0.3:417.8
  • Apple Safari 2.0.3
    cpe:2.3:a:apple:safari:2.0.3
  • Apple Safari 2.0.2
    cpe:2.3:a:apple:safari:2.0.2
  • Apple Safari 2.0.1
    cpe:2.3:a:apple:safari:2.0.1
  • Apple Safari 2.0.0
    cpe:2.3:a:apple:safari:2.0.0
  • Apple Safari 2.0
    cpe:2.3:a:apple:safari:2.0
  • Apple Safari 2
    cpe:2.3:a:apple:safari:2
  • Apple Safari 1.1.1
    cpe:2.3:a:apple:safari:1.1.1
  • Apple Safari 1.3.2
    cpe:2.3:a:apple:safari:1.3.2
  • Apple Safari 1.2
    cpe:2.3:a:apple:safari:1.2
  • Apple Safari 1.2.1
    cpe:2.3:a:apple:safari:1.2.1
  • Apple Safari 1.2.2
    cpe:2.3:a:apple:safari:1.2.2
  • Apple Safari 1.2.3
    cpe:2.3:a:apple:safari:1.2.3
  • Apple Safari 1.2.4
    cpe:2.3:a:apple:safari:1.2.4
  • Apple Safari 1.2.5
    cpe:2.3:a:apple:safari:1.2.5
  • Apple Safari 1.3
    cpe:2.3:a:apple:safari:1.3
  • Apple Safari 1.3.1
    cpe:2.3:a:apple:safari:1.3.1
  • Apple Safari 1.1
    cpe:2.3:a:apple:safari:1.1
  • Apple Safari 1.0 Beta2
    cpe:2.3:a:apple:safari:1.0:beta2
  • Apple Safari 1.0 Beta
    cpe:2.3:a:apple:safari:1.0:beta
  • Apple Safari 1.0
    cpe:2.3:a:apple:safari:1.0
  • Apple Safari 1.0.3 85.8
    cpe:2.3:a:apple:safari:1.0.3:85.8
  • Apple Safari 1.0.3 85.8.1
    cpe:2.3:a:apple:safari:1.0.3:85.8.1
  • Apple Safari 1.3.2 312.5
    cpe:2.3:a:apple:safari:1.3.2:312.5
  • Apple Safari 1.3.2 312.6
    cpe:2.3:a:apple:safari:1.3.2:312.6
  • Apple Safari 1.0.0
    cpe:2.3:a:apple:safari:1.0.0
  • Apple Safari 1.0.3
    cpe:2.3:a:apple:safari:1.0.3
  • Apple Safari 1.3.0
    cpe:2.3:a:apple:safari:1.3.0
  • Apple Safari 1.2.0
    cpe:2.3:a:apple:safari:1.2.0
  • Apple Safari 1.1.0
    cpe:2.3:a:apple:safari:1.1.0
  • Apple Safari 1.0.2
    cpe:2.3:a:apple:safari:1.0.2
  • Apple Safari 1.0.1
    cpe:2.3:a:apple:safari:1.0.1
  • Apple Safari 1.0.0b2
    cpe:2.3:a:apple:safari:1.0.0b2
  • Apple Safari 1.0.0b1
    cpe:2.3:a:apple:safari:1.0.0b1
CVSS
Base: 4.3 (as of 17-11-2015 - 09:49)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_7.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7. Mac OS X 10.6.7 contains security fixes for the following products : - AirPort - Apache - AppleScript - ATS - bzip2 - CarbonCore - ClamAV - CoreText - File Quarantine - HFS - ImageIO - Image RAW - Installer - Kerberos - Kernel - Libinfo - libxml - Mailman - PHP - QuickLook - QuickTime - Ruby - Samba - Subversion - Terminal - X11
    last seen 2019-02-21
    modified 2018-08-22
    plugin id 52754
    published 2011-03-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52754
    title Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0168.NASL
    description An updated rhev-hypervisor5 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query() function. An attacker able to send certain IGMP (Internet Group Management Protocol) packets to a target system could use this flaw to cause a denial of service. (CVE-2012-0207) A double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially crafted policy extension data. (CVE-2011-4109) An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576) It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619) Red Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029, and Simon McVittie for reporting CVE-2012-0207. This updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2006-1168 and CVE-2011-2716 (busybox issues) CVE-2009-5029, CVE-2009-5064, CVE-2010-0830 and CVE-2011-1089 (glibc issues) CVE-2011-1083, CVE-2011-3638, CVE-2011-4086, CVE-2011-4127 and CVE-2012-0028 (kernel issues) CVE-2011-1526 (krb5 issue) CVE-2011-4347 (kvm issue) CVE-2010-4008, CVE-2011-0216, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2011-1944 (libxml2 issues) CVE-2011-1749 (nfs-utils issue) CVE-2011-4108 (openssl issue) CVE-2011-0010 (sudo issue) CVE-2011-1675 and CVE-2011-1677 (util-linux issues) CVE-2010-0424 (vixie-cron issue) This updated rhev-hypervisor5 package fixes various bugs. Documentation of these changes will be available shortly in the Technical Notes document : https://docs.redhat.com/docs/en-US/ Red_Hat_Enterprise_Virtualization_for_Servers/2.2/html/Technical_Notes / index.html Users of Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 79283
    published 2014-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79283
    title RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_LIBXML2-101103.NASL
    description libxml2: Invalid memory access in the xpath handling has been fixed. CVE-2010-4008 has been assigned to this issue.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 75632
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75632
    title openSUSE Security Update : libxml2 (openSUSE-SU-2010:1004-1)
  • NASL family Windows
    NASL id OPENOFFICE_33.NASL
    description The version of Oracle OpenOffice.org installed on the remote host is prior to 3.3. It is, therefore, affected by several issues : - Issues exist relating to PowerPoint document processing that may lead to arbitrary code execution. (CVE-2010-2935, CVE-2010-2936) - A directory traversal vulnerability exists in zip / jar package extraction. (CVE-2010-3450) - Issues exist relating to RTF document processing that may lead to arbitrary code execution. (CVE-2010-3451, CVE-2010-3452) - Issues exist relating to Word document processing that may lead to arbitrary code execution. (CVE-2010-3453, CVE-2010-3454) - Issues exist in the third-party XPDF library relating to PDF document processing that may allow arbitrary code execution. (CVE-2010-3702, CVE-2010-3704) - OpenOffice.org includes a version of LIBXML2 that is affected by multiple vulnerabilities. (CVE-2010-4008, CVE-2010-4494) - An issue exists with PNG file processing that may allow arbitrary code execution. (CVE-2010-4253) - An issue exists with TGA file processing that may allow arbitrary code execution. (CVE-2010-4643)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 51773
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51773
    title Oracle OpenOffice.org < 3.3 Multiple Vulnerabilities
  • NASL family Windows
    NASL id SAFARI_5_0_4.NASL
    description The version of Safari installed on the remote Windows host is earlier than 5.0.4. It therefore is potentially affected by several issues in the following components : - ImageIO - libxml - WebKit
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 52613
    published 2011-03-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52613
    title Safari < 5.0.4 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SAFARI5_0_4.NASL
    description The version of Apple Safari installed on the remote Mac OS X host is earlier than 5.0.4. As such, it is potentially affected by several issues in the following components : - libxml - WebKit
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 52612
    published 2011-03-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52612
    title Mac OS X : Apple Safari < 5.0.4
  • NASL family Windows
    NASL id GOOGLE_CHROME_7_0_517_44.NASL
    description The version of Google Chrome installed on the remote host is earlier than 7.0.517.44. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free error exists in text editing. (Issue #51602) - A memory corruption error exists relating to enormous text area. (Issue #55257) - A bad cast exists with the SVG use element. (Issue #58657) - An invalid memory read exists in XPath handling. (Issue #58731) - A use-after-free error exists in text control selections. (Issue #58741) - A memory corruption issue exists in libvpx. (Issue #60055) - A bad use of a destroyed frame object exists. (Issue #60238) - Multiple type confusions exists with event objects. (Issue #60327, #60769, #61255) - An out-of-bounds array access exists in SVG handling. (Issue #60688)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 50476
    published 2010-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50476
    title Google Chrome < 7.0.517.44 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBXML2-101103.NASL
    description libxml2: Invalid memory access in the xpath handling has been fixed. CVE-2010-4008 has been assigned to this issue.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 53765
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53765
    title openSUSE Security Update : libxml2 (openSUSE-SU-2010:1004-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBXML2-101103.NASL
    description libxml2: Invalid memory access in the xpath handling has been fixed. CVE-2010-4008 has been assigned to this issue.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 53680
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53680
    title openSUSE Security Update : libxml2 (openSUSE-SU-2010:1004-1)
  • NASL family Windows
    NASL id ITUNES_10_2.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 10.2. As such, it is affected by numerous issues in the following components : - ImageIO - libxml - WebKit
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 52534
    published 2011-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52534
    title Apple iTunes < 10.2 Multiple Vulnerabilities (credentialed check)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_10_2_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 10.2. It is, therefore, affected by multiple vulnerabilities in the WebKit, ImageIO, and libxml components. Note that these only affect iTunes for Windows.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 52535
    published 2011-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52535
    title Apple iTunes < 10.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2011-001.NASL
    description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-001 applied. This security update contains fixes for the following products : - Apache - bzip2 - ClamAV - ImageIO - Kerberos - Libinfo - libxml - Mailman - PHP - QuickLook - Ruby - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 52753
    published 2011-03-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52753
    title Mac OS X Multiple Vulnerabilities (Security Update 2011-001)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1016-1.NASL
    description Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 50560
    published 2010-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50560
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : libxml2 vulnerability (USN-1016-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-243.NASL
    description A vulnerability was discovered and corrected in libxml2 : libxml2 before 2.7.8 reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document (CVE-2010-4008). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 50839
    published 2010-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50839
    title Mandriva Linux Security Advisory : libxml2 (MDVSA-2010:243)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBXML2-101103.NASL
    description libxml2: Invalid memory access in the xpath handling has been fixed. CVE-2010-4008 has been assigned to this issue.
    last seen 2018-09-01
    modified 2013-10-25
    plugin id 50947
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50947
    title SuSE 11 / 11.1 Security Update : libxml2 (SAT Patch Numbers 3460 / 3461)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBXML2-7214.NASL
    description libxml2: Invalid memory access in the xpath handling has been fixed. CVE-2010-4008 has been assigned to this issue.
    last seen 2018-09-02
    modified 2012-07-24
    plugin id 50969
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50969
    title SuSE 10 Security Update : libxml2 (ZYPP Patch Number 7214)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_LIBXML2_20120821.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. (CVE-2010-4008)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80687
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80687
    title Oracle Solaris Third-Party Patch Update : libxml2 (cve_2010_4008_denial_of)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2128.NASL
    description Bui Quang Minh discovered that libxml2, a library for parsing and handling XML data files, does not well process a malformed XPATH, causing crash and allowing arbitrary code execution.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 50864
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50864
    title Debian DSA-2128-1 : libxml2 - invalid memory access
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0008.NASL
    description a. ESX third-party update for Service Console kernel The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-3191, CVE-2011-4348 and CVE-2012-0028 to these issues. b. Updated ESX Service Console package libxml2 The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 to these issues.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 58903
    published 2012-04-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58903
    title VMSA-2012-0008 : VMware ESX updates to ESX Service Console
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130131_MINGW32_LIBXML2_ON_SL6_X.NASL
    description IMPORTANT NOTE: The mingw32 packages in Scientific Linux 6 will no longer be updated proactively and will be deprecated with the release of Scientific Linux 6.4. These packages were provided to support other capabilities in Scientific Linux and were not intended for direct use. You are advised to not use these packages with immediate effect. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905)
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 64425
    published 2013-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64425
    title Scientific Linux Security Update : mingw32-libxml2 on SL6.x (x86_64)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0012_REMOTE.NASL
    description The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in the bundled libxml2 library in the xmlXPathNextPrecedingSibling(), xmlNodePtr(), and xmlXPathNextPrecedingInternal() functions due to improper processing of namespaces and attributes nodes. A remote attacker can exploit these, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2010-4008) - Multiple remote code execution vulnerabilities exist in the bundled libxml2 library in the xmlCharEncFirstLineInt() and xmlCharEncInFunc() functions due to an off-by-one overflow condition. A remote attacker can exploit these, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-0216) - A remote code execution vulnerability exists in the bundled libxml2 library due to improper sanitization of user-supplied input when processing an XPath nodeset. A remote attacker can exploit this, via a specially crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2011-1944) - A remote code execution vulnerability exists in the bundled libxml2 library in the xmlXPathCompOpEval() function due to improper processing of invalid XPath expressions. A remote attacker can exploit this, via a specially crafted XSLT stylesheet, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-2834) - A denial of service vulnerability exists in the bundled libxml2 library due to multiple out-of-bounds read errors in parser.c that occur when getting a Stop order. A remote attacker can exploit this, via a specially crafted XML document, to cause a denial of service condition. (CVE-2011-3905) - A remote code execution vulnerability exists in the bundled libxml2 library in the xmlStringLenDecodeEntities() function in parser.c due to an overflow condition that occurs when copying entities. A remote attacker can exploit this, via a specially crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2011-3919) - A denial of service vulnerability exists in the bundled libxml2 library due to improper processing of crafted parameters. A remote attacker can exploit this to cause a hash collision, resulting in a denial of service condition. (CVE-2012-0841)
    last seen 2019-02-21
    modified 2018-08-16
    plugin id 89037
    published 2016-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89037
    title VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0008_REMOTE.NASL
    description The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - COS kernel - libxml2
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89109
    published 2016-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89109
    title VMware ESX Service Console Multiple Vulnerabilities (VMSA-2012-0008) (remote check)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0217.NASL
    description Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64384
    published 2013-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64384
    title CentOS 6 : mingw32-libxml2 (CESA-2013:0217)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1749.NASL
    description Updated libxml2 packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Multiple flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. This update also fixes the following bugs : * A number of patches have been applied to harden the XPath processing code in libxml2, such as fixing memory leaks, rounding errors, XPath numbers evaluations, and a potential error in encoding conversion. (BZ#732335) All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 57022
    published 2011-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57022
    title RHEL 6 : libxml2 (RHSA-2011:1749)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-26.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-26 (libxml2: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact : A local or remote attacker may be able to execute arbitrary code with the privileges of the application or cause a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56660
    published 2011-10-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56660
    title GLSA-201110-26 : libxml2: Multiple vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20111206_LIBXML2_ON_SL6_X.NASL
    description The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Multiple flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Note: Scientific Linux generally does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. This update also fixes the following bugs : - A number of patches have been applied to harden the XPath processing code in libxml2, such as fixing memory leaks, rounding errors, XPath numbers evaluations, and a potential error in encoding conversion. All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61192
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61192
    title Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0012.NASL
    description a. ESXi update to third-party component libxml2 The libxml2 third-party library has been updated which addresses multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2012-0841 to these issues.
    last seen 2019-02-21
    modified 2018-09-06
    plugin id 59966
    published 2012-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59966
    title VMSA-2012-0012 : VMware ESXi update to third-party library
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0217.NASL
    description From Red Hat Security Advisory 2013:0217 : Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68721
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68721
    title Oracle Linux 6 : mingw32-libxml2 (ELSA-2013-0217)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0217.NASL
    description Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64391
    published 2013-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64391
    title RHEL 6 : mingw32-libxml2 (RHSA-2013:0217)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120111_LIBXML2_ON_SL5_X.NASL
    description The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2011-2834) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Note: Scientific Linux does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61217
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61217
    title Scientific Linux Security Update : libxml2 on SL5.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0017.NASL
    description Updated libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2011-2834) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 57492
    published 2012-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57492
    title RHEL 5 : libxml2 (RHSA-2012:0017)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0017.NASL
    description Updated libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2011-2834) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 57487
    published 2012-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57487
    title CentOS 5 : libxml2 (CESA-2012:0017)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0017.NASL
    description From Red Hat Security Advisory 2012:0017 : Updated libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language (XPath), which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2011-2834) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68429
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68429
    title Oracle Linux 5 : libxml2 (ELSA-2012-0017)
  • NASL family Misc.
    NASL id VMWARE_ESXI_5_0_BUILD_764879_REMOTE.NASL
    description The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Errors exist in the Libxml2 library functions 'xmlXPathNextPrecedingSibling', 'xmlNodePtr' and 'xmlXPathNextPrecedingInternal' that could allow denial of service attacks or arbitrary code execution. (CVE-2010-4008) - Buffer overflow errors exist in the libxml2 library functions 'xmlCharEncFirstLineInt' and 'xmlCharEncInFunc' that could allow denial of service attacks or arbitrary code execution. (CVE-2011-0216) - A buffer overflow error exists in the libxml2 library file 'xpath.c' related to handling 'XPath' nodesets that could allow denial of service attacks or arbitrary code execution. (CVE-2011-1944) - A double-free error exists in the libxml2 library function 'xmlXPathCompOpEval' related to handling invalid 'XPath' expressions that could allow denial of service attacks or arbitrary code execution. (CVE-2011-2834) - An out-of-bounds read error exists in the libxml2 library file 'parser.c' related to handling 'Stop' orders that could allow denial of service attacks. (CVE-2011-3905) - A buffer overflow error exists in the libxml2 library function 'xmlStringLenDecodeEntities' related to copying entities that could allow denial of service attacks or arbitrary code execution. (CVE-2011-3919) - An error exists in the libxml2 library related to hash collisions that could allow denial of service attacks. (CVE-2012-0841)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 70884
    published 2013-11-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70884
    title ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)
  • NASL family Web Servers
    NASL id HPSMH_6_3_0_22.NASL
    description According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote host is earlier than 6.3. Such versions are reportedly affected by the following vulnerabilities : - An error exists in the function 'fnmatch' in the bundled version of PHP that can lead to stack exhaustion. (CVE-2010-1917) - An information disclosure vulnerability exists in the 'var_export' function in the bundled version of PHP that can be triggered when handling certain error conditions. (CVE-2010-2531) - A double free vulnerability in the 'ssl3_get_key_exchange()' function in the third-party OpenSSL library could be abused to crash the application. (CVE-2010-2939) - A format string vulnerability in the phar extension in the bundled version of PHP could lead to the disclosure of memory contents and possibly allow execution of arbitrary code via a specially crafted 'phar://' URI. (CVE-2010-2950) - A NULL pointer dereference in 'ZipArchive::getArchiveComment' included with the bundled version of PHP can be abused to crash the application. (CVE-2010-3709) - The bundled version of libxml2 may read from invalid memory locations when processing malformed XPath expressions, resulting in an application crash. (CVE-2010-4008) - An error in the 'mb_strcut()' function in the bundled version of PHP can be exploited by passing a large 'length' parameter to disclose potentially sensitive information from the heap. (CVE-2010-4156) - An as-yet unspecified remote code execution vulnerability could allow an authenticated user to execute arbitrary code with system privileges. (CVE-2011-1540) - An as-yet unspecified, unauthorized access vulnerability could lead to a complete system compromise. (CVE-2011-1541)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 53532
    published 2011-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53532
    title HP System Management Homepage < 6.3 Multiple Vulnerabilities
oval via4
accepted 2013-08-12T04:01:09.916-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
definition_extensions
comment Google Chrome is installed
oval oval:org.mitre.oval:def:11914
description libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
family windows
id oval:org.mitre.oval:def:12148
status accepted
submitted 2010-11-27T06:04:55
title Vulnerability in libxml2 in Google Chrome before 7.0.517.44
version 50
redhat via4
advisories
  • rhsa
    id RHSA-2011:1749
  • rhsa
    id RHSA-2013:0217
rpms
  • libxml2-0:2.7.6-4.el6
  • libxml2-devel-0:2.7.6-4.el6
  • libxml2-python-0:2.7.6-4.el6
  • libxml2-static-0:2.7.6-4.el6
  • libxml2-0:2.6.26-2.1.12.el5_7.2
  • libxml2-devel-0:2.6.26-2.1.12.el5_7.2
  • libxml2-python-0:2.6.26-2.1.12.el5_7.2
  • mingw32-libxml2-0:2.7.6-6.el6_3
  • mingw32-libxml2-static-0:2.7.6-6.el6_3
refmap via4
apple
  • APPLE-SA-2010-11-22-1
  • APPLE-SA-2011-03-02-1
  • APPLE-SA-2011-03-09-2
  • APPLE-SA-2011-03-21-1
bid 44779
confirm
debian DSA-2128
hp
  • HPSBGN02970
  • HPSBMA02662
  • SSRT100409
mandriva MDVSA-2010:243
misc http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
mlist [xml] 20101104 Release of libxml2-2.7.8
secunia
  • 40775
  • 42109
  • 42175
  • 42314
  • 42429
suse SUSE-SR:2010:023
ubuntu USN-1016-1
vupen
  • ADV-2010-3046
  • ADV-2010-3076
  • ADV-2010-3100
  • ADV-2011-0230
vmware via4
  • description The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues.
    id VMSA-2012-0008
    last_updated 2012-09-13T00:00:00
    published 2012-04-26T00:00:00
    title Updated ESX Service Console package libxml2
  • description The libxml2 third party library has been updated which addresses multiple security issues
    id VMSA-2012-0012
    last_updated 2012-09-13T00:00:00
    published 2012-07-12T00:00:00
    title ESXi update to third party component libxml2
Last major update 22-08-2016 - 22:02
Published 16-11-2010 - 20:00
Last modified 18-09-2017 - 21:31
Back to Top