ID CVE-2012-0841
Summary libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
References
Vulnerable Configurations
  • XMLSoft Libxml2 2.7.8
    cpe:2.3:a:xmlsoft:libxml2:2.7.8
  • XMLSoft Libxml2 2.7.7
    cpe:2.3:a:xmlsoft:libxml2:2.7.7
  • XMLSoft Libxml2 2.7.6
    cpe:2.3:a:xmlsoft:libxml2:2.7.6
  • XMLSoft Libxml2 2.7.5
    cpe:2.3:a:xmlsoft:libxml2:2.7.5
  • XMLSoft Libxml2 2.7.4
    cpe:2.3:a:xmlsoft:libxml2:2.7.4
  • XMLSoft Libxml2 2.7.3
    cpe:2.3:a:xmlsoft:libxml2:2.7.3
  • XMLSoft Libxml2 2.7.2
    cpe:2.3:a:xmlsoft:libxml2:2.7.2
  • XMLSoft Libxml2 2.7.1
    cpe:2.3:a:xmlsoft:libxml2:2.7.1
  • XMLSoft Libxml2 2.7.0
    cpe:2.3:a:xmlsoft:libxml2:2.7.0
  • XMLSoft Libxml2 2.6.32
    cpe:2.3:a:xmlsoft:libxml2:2.6.32
  • XMLSoft Libxml2 2.6.31
    cpe:2.3:a:xmlsoft:libxml2:2.6.31
  • XMLSoft Libxml2 2.6.30
    cpe:2.3:a:xmlsoft:libxml2:2.6.30
  • XMLSoft Libxml2 2.6.29
    cpe:2.3:a:xmlsoft:libxml2:2.6.29
  • XMLSoft Libxml2 2.6.28
    cpe:2.3:a:xmlsoft:libxml2:2.6.28
  • XMLSoft Libxml2 2.6.27
    cpe:2.3:a:xmlsoft:libxml2:2.6.27
  • XMLSoft Libxml2 2.6.26
    cpe:2.3:a:xmlsoft:libxml2:2.6.26
  • XMLSoft Libxml2 2.6.25
    cpe:2.3:a:xmlsoft:libxml2:2.6.25
  • XMLSoft Libxml2 2.6.24
    cpe:2.3:a:xmlsoft:libxml2:2.6.24
  • XMLSoft Libxml2 2.6.23
    cpe:2.3:a:xmlsoft:libxml2:2.6.23
  • XMLSoft Libxml2 2.6.22
    cpe:2.3:a:xmlsoft:libxml2:2.6.22
  • XMLSoft Libxml2 2.6.21
    cpe:2.3:a:xmlsoft:libxml2:2.6.21
  • XMLSoft Libxml2 2.6.20
    cpe:2.3:a:xmlsoft:libxml2:2.6.20
  • XMLSoft Libxml2 2.6.11
    cpe:2.3:a:xmlsoft:libxml2:2.6.11
  • XMLSoft Libxml2 2.6.1
    cpe:2.3:a:xmlsoft:libxml2:2.6.1
  • XMLSoft Libxml2 2.6.0
    cpe:2.3:a:xmlsoft:libxml2:2.6.0
  • XMLSoft Libxml2 2.6.5
    cpe:2.3:a:xmlsoft:libxml2:2.6.5
  • XMLSoft Libxml2 2.6.6
    cpe:2.3:a:xmlsoft:libxml2:2.6.6
  • XMLSoft Libxml2 2.6.3
    cpe:2.3:a:xmlsoft:libxml2:2.6.3
  • XMLSoft Libxml2 2.6.4
    cpe:2.3:a:xmlsoft:libxml2:2.6.4
  • XMLSoft Libxml2 2.6.14
    cpe:2.3:a:xmlsoft:libxml2:2.6.14
  • XMLSoft Libxml2 2.6.2
    cpe:2.3:a:xmlsoft:libxml2:2.6.2
  • XMLSoft Libxml2 2.6.12
    cpe:2.3:a:xmlsoft:libxml2:2.6.12
  • XMLSoft Libxml2 2.6.13
    cpe:2.3:a:xmlsoft:libxml2:2.6.13
  • XMLSoft Libxml2 2.6.9
    cpe:2.3:a:xmlsoft:libxml2:2.6.9
  • XMLSoft Libxml2 2.6.7
    cpe:2.3:a:xmlsoft:libxml2:2.6.7
  • XMLSoft Libxml2 2.6.8
    cpe:2.3:a:xmlsoft:libxml2:2.6.8
  • XMLSoft Libxml2 2.6.17
    cpe:2.3:a:xmlsoft:libxml2:2.6.17
  • XMLSoft Libxml2 2.6.16
    cpe:2.3:a:xmlsoft:libxml2:2.6.16
  • XMLSoft Libxml2 2.6.18
    cpe:2.3:a:xmlsoft:libxml2:2.6.18
  • XMLSoft Libxml2 2.5.0
    cpe:2.3:a:xmlsoft:libxml2:2.5.0
  • XMLSoft Libxml2 2.5.4
    cpe:2.3:a:xmlsoft:libxml2:2.5.4
  • XMLSoft Libxml2 2.5.11
    cpe:2.3:a:xmlsoft:libxml2:2.5.11
  • XMLSoft Libxml2 2.5.10
    cpe:2.3:a:xmlsoft:libxml2:2.5.10
  • XMLSoft Libxml2 2.5.7
    cpe:2.3:a:xmlsoft:libxml2:2.5.7
  • XMLSoft Libxml2 2.5.8
    cpe:2.3:a:xmlsoft:libxml2:2.5.8
  • XMLSoft Libxml2 2.4.23
    cpe:2.3:a:xmlsoft:libxml2:2.4.23
  • XMLSoft Libxml2 2.4.19
    cpe:2.3:a:xmlsoft:libxml2:2.4.19
  • XMLSoft Libxml2 2.4.30
    cpe:2.3:a:xmlsoft:libxml2:2.4.30
  • XMLSoft Libxml2 2.4.28
    cpe:2.3:a:xmlsoft:libxml2:2.4.28
  • XMLSoft Libxml2 2.4.29
    cpe:2.3:a:xmlsoft:libxml2:2.4.29
  • XMLSoft Libxml2 2.4.26
    cpe:2.3:a:xmlsoft:libxml2:2.4.26
  • XMLSoft Libxml2 2.4.27
    cpe:2.3:a:xmlsoft:libxml2:2.4.27
  • XMLSoft Libxml2 2.4.17
    cpe:2.3:a:xmlsoft:libxml2:2.4.17
  • XMLSoft Libxml2 2.4.16
    cpe:2.3:a:xmlsoft:libxml2:2.4.16
  • XMLSoft Libxml2 2.4.20
    cpe:2.3:a:xmlsoft:libxml2:2.4.20
  • XMLSoft Libxml2 2.4.18
    cpe:2.3:a:xmlsoft:libxml2:2.4.18
  • XMLSoft Libxml2 2.4.22
    cpe:2.3:a:xmlsoft:libxml2:2.4.22
  • XMLSoft Libxml2 2.4.21
    cpe:2.3:a:xmlsoft:libxml2:2.4.21
  • XMLSoft Libxml2 2.4.25
    cpe:2.3:a:xmlsoft:libxml2:2.4.25
  • XMLSoft Libxml2 2.4.24
    cpe:2.3:a:xmlsoft:libxml2:2.4.24
  • XMLSoft Libxml2 2.4.9
    cpe:2.3:a:xmlsoft:libxml2:2.4.9
  • XMLSoft Libxml2 2.4.8
    cpe:2.3:a:xmlsoft:libxml2:2.4.8
  • XMLSoft Libxml2 2.4.11
    cpe:2.3:a:xmlsoft:libxml2:2.4.11
  • XMLSoft Libxml2 2.4.10
    cpe:2.3:a:xmlsoft:libxml2:2.4.10
  • XMLSoft Libxml2 2.4.13
    cpe:2.3:a:xmlsoft:libxml2:2.4.13
  • XMLSoft Libxml2 2.4.12
    cpe:2.3:a:xmlsoft:libxml2:2.4.12
  • XMLSoft Libxml2 2.4.15
    cpe:2.3:a:xmlsoft:libxml2:2.4.15
  • XMLSoft Libxml2 2.4.14
    cpe:2.3:a:xmlsoft:libxml2:2.4.14
  • XMLSoft Libxml2 2.4.1
    cpe:2.3:a:xmlsoft:libxml2:2.4.1
  • XMLSoft Libxml2 2.4.2
    cpe:2.3:a:xmlsoft:libxml2:2.4.2
  • XMLSoft Libxml2 2.4.3
    cpe:2.3:a:xmlsoft:libxml2:2.4.3
  • XMLSoft Libxml2 2.4.4
    cpe:2.3:a:xmlsoft:libxml2:2.4.4
  • XMLSoft Libxml2 2.4.5
    cpe:2.3:a:xmlsoft:libxml2:2.4.5
  • XMLSoft Libxml2 2.4.6
    cpe:2.3:a:xmlsoft:libxml2:2.4.6
  • XMLSoft Libxml2 2.4.7
    cpe:2.3:a:xmlsoft:libxml2:2.4.7
  • XMLSoft Libxml2 2.3.9
    cpe:2.3:a:xmlsoft:libxml2:2.3.9
  • XMLSoft Libxml2 2.3.10
    cpe:2.3:a:xmlsoft:libxml2:2.3.10
  • XMLSoft Libxml2 2.3.11
    cpe:2.3:a:xmlsoft:libxml2:2.3.11
  • XMLSoft Libxml2 2.3.12
    cpe:2.3:a:xmlsoft:libxml2:2.3.12
  • XMLSoft Libxml2 2.3.13
    cpe:2.3:a:xmlsoft:libxml2:2.3.13
  • XMLSoft Libxml2 2.3.14
    cpe:2.3:a:xmlsoft:libxml2:2.3.14
  • XMLSoft Libxml2 2.3.4
    cpe:2.3:a:xmlsoft:libxml2:2.3.4
  • XMLSoft Libxml2 2.3.3
    cpe:2.3:a:xmlsoft:libxml2:2.3.3
  • XMLSoft Libxml2 2.3.2
    cpe:2.3:a:xmlsoft:libxml2:2.3.2
  • XMLSoft Libxml2 2.3.1
    cpe:2.3:a:xmlsoft:libxml2:2.3.1
  • XMLSoft Libxml2 2.3.8
    cpe:2.3:a:xmlsoft:libxml2:2.3.8
  • XMLSoft Libxml2 2.3.7
    cpe:2.3:a:xmlsoft:libxml2:2.3.7
  • XMLSoft Libxml2 2.3.6
    cpe:2.3:a:xmlsoft:libxml2:2.3.6
  • XMLSoft Libxml2 2.3.5
    cpe:2.3:a:xmlsoft:libxml2:2.3.5
  • XMLSoft Libxml2 2.3.0
    cpe:2.3:a:xmlsoft:libxml2:2.3.0
  • XMLSoft Libxml2 2.2.0 beta
    cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta
  • XMLSoft Libxml2 2.2.8
    cpe:2.3:a:xmlsoft:libxml2:2.2.8
  • XMLSoft Libxml2 2.2.7
    cpe:2.3:a:xmlsoft:libxml2:2.2.7
  • XMLSoft Libxml2 2.2.6
    cpe:2.3:a:xmlsoft:libxml2:2.2.6
  • XMLSoft Libxml2 2.2.5
    cpe:2.3:a:xmlsoft:libxml2:2.2.5
  • XMLSoft Libxml2 2.2.11
    cpe:2.3:a:xmlsoft:libxml2:2.2.11
  • XMLSoft Libxml2 2.2.10
    cpe:2.3:a:xmlsoft:libxml2:2.2.10
  • XMLSoft Libxml2 2.2.9
    cpe:2.3:a:xmlsoft:libxml2:2.2.9
  • XMLSoft Libxml2 2.2.0
    cpe:2.3:a:xmlsoft:libxml2:2.2.0
  • XMLSoft Libxml2 2.2.3
    cpe:2.3:a:xmlsoft:libxml2:2.2.3
  • XMLSoft Libxml2 2.2.4
    cpe:2.3:a:xmlsoft:libxml2:2.2.4
  • XMLSoft Libxml2 2.2.1
    cpe:2.3:a:xmlsoft:libxml2:2.2.1
  • XMLSoft Libxml2 2.2.2
    cpe:2.3:a:xmlsoft:libxml2:2.2.2
  • XMLSoft Libxml2 2.1.1
    cpe:2.3:a:xmlsoft:libxml2:2.1.1
  • XMLSoft Libxml2 2.1.0
    cpe:2.3:a:xmlsoft:libxml2:2.1.0
  • XMLSoft Libxml2 2.0.0
    cpe:2.3:a:xmlsoft:libxml2:2.0.0
  • XMLSoft Libxml2 1.7.3
    cpe:2.3:a:xmlsoft:libxml2:1.7.3
  • XMLSoft Libxml2 1.7.4
    cpe:2.3:a:xmlsoft:libxml2:1.7.4
  • XMLSoft Libxml2 1.8.0
    cpe:2.3:a:xmlsoft:libxml2:1.8.0
  • XMLSoft Libxml2 1.8.1
    cpe:2.3:a:xmlsoft:libxml2:1.8.1
  • XMLSoft Libxml2 1.7.0
    cpe:2.3:a:xmlsoft:libxml2:1.7.0
  • XMLSoft Libxml2 1.7.1
    cpe:2.3:a:xmlsoft:libxml2:1.7.1
  • XMLSoft Libxml2 1.7.2
    cpe:2.3:a:xmlsoft:libxml2:1.7.2
  • XMLSoft Libxml2 1.8.16
    cpe:2.3:a:xmlsoft:libxml2:1.8.16
  • XMLSoft Libxml2 1.8.13
    cpe:2.3:a:xmlsoft:libxml2:1.8.13
  • XMLSoft Libxml2 1.8.14
    cpe:2.3:a:xmlsoft:libxml2:1.8.14
  • XMLSoft Libxml2 1.8.10
    cpe:2.3:a:xmlsoft:libxml2:1.8.10
  • XMLSoft Libxml2 1.8.9
    cpe:2.3:a:xmlsoft:libxml2:1.8.9
  • XMLSoft Libxml2 1.8.4
    cpe:2.3:a:xmlsoft:libxml2:1.8.4
  • XMLSoft Libxml2 1.8.5
    cpe:2.3:a:xmlsoft:libxml2:1.8.5
  • XMLSoft Libxml2 1.8.2
    cpe:2.3:a:xmlsoft:libxml2:1.8.2
  • XMLSoft Libxml2 1.8.3
    cpe:2.3:a:xmlsoft:libxml2:1.8.3
  • XMLSoft Libxml2 1.8.6
    cpe:2.3:a:xmlsoft:libxml2:1.8.6
  • XMLSoft Libxml2 1.8.7
    cpe:2.3:a:xmlsoft:libxml2:1.8.7
  • Apple iPhone OS 6.1.4
    cpe:2.3:o:apple:iphone_os:6.1.4
  • Apple iPhone OS 1.0.0
    cpe:2.3:o:apple:iphone_os:1.0.0
  • Apple iPhone OS 1.0.1
    cpe:2.3:o:apple:iphone_os:1.0.1
  • Apple iPhone OS 1.0.2
    cpe:2.3:o:apple:iphone_os:1.0.2
  • Apple iPhone OS 1.1.0
    cpe:2.3:o:apple:iphone_os:1.1.0
  • Apple iPhone OS 1.1.1
    cpe:2.3:o:apple:iphone_os:1.1.1
  • Apple iPhone OS 1.1.2
    cpe:2.3:o:apple:iphone_os:1.1.2
  • Apple iPhone OS 1.1.3
    cpe:2.3:o:apple:iphone_os:1.1.3
  • Apple iPhone OS 1.1.4
    cpe:2.3:o:apple:iphone_os:1.1.4
  • Apple iPhone OS 1.1.5
    cpe:2.3:o:apple:iphone_os:1.1.5
  • Apple iPhone OS 2.0
    cpe:2.3:o:apple:iphone_os:2.0
  • Apple iPhone OS 2.0.0
    cpe:2.3:o:apple:iphone_os:2.0.0
  • Apple iPhone OS 2.0.1
    cpe:2.3:o:apple:iphone_os:2.0.1
  • Apple iPhone OS 2.0.2
    cpe:2.3:o:apple:iphone_os:2.0.2
  • Apple iPhone OS 2.1
    cpe:2.3:o:apple:iphone_os:2.1
  • Apple iPhone OS 2.1.1
    cpe:2.3:o:apple:iphone_os:2.1.1
  • Apple iPhone OS 2.2
    cpe:2.3:o:apple:iphone_os:2.2
  • Apple iPhone OS 2.2.1
    cpe:2.3:o:apple:iphone_os:2.2.1
  • Apple iPhone OS 3.0
    cpe:2.3:o:apple:iphone_os:3.0
  • Apple iPhone OS 3.0.1
    cpe:2.3:o:apple:iphone_os:3.0.1
  • Apple iPhone OS 3.1
    cpe:2.3:o:apple:iphone_os:3.1
  • Apple iPhone OS 3.1.2
    cpe:2.3:o:apple:iphone_os:3.1.2
  • Apple iPhone OS 3.1.3
    cpe:2.3:o:apple:iphone_os:3.1.3
  • Apple iPhone OS 3.2
    cpe:2.3:o:apple:iphone_os:3.2
  • Apple iPhone OS 3.2.1
    cpe:2.3:o:apple:iphone_os:3.2.1
  • Apple iPhone OS 3.2.2
    cpe:2.3:o:apple:iphone_os:3.2.2
  • Apple iPhone OS 4.0
    cpe:2.3:o:apple:iphone_os:4.0
  • Apple iPhone OS 4.0.1
    cpe:2.3:o:apple:iphone_os:4.0.1
  • Apple iPhone OS 4.0.2
    cpe:2.3:o:apple:iphone_os:4.0.2
  • Apple iPhone OS 4.1
    cpe:2.3:o:apple:iphone_os:4.1
  • Apple iPhone OS 4.2.1
    cpe:2.3:o:apple:iphone_os:4.2.1
  • Apple iPhone OS 4.2.5
    cpe:2.3:o:apple:iphone_os:4.2.5
  • Apple iPhone OS 4.2.8
    cpe:2.3:o:apple:iphone_os:4.2.8
  • Apple iPhone OS 4.3.0
    cpe:2.3:o:apple:iphone_os:4.3.0
  • Apple iPhone OS 4.3.1
    cpe:2.3:o:apple:iphone_os:4.3.1
  • Apple iPhone OS 4.3.2
    cpe:2.3:o:apple:iphone_os:4.3.2
  • Apple iPhone OS 4.3.3
    cpe:2.3:o:apple:iphone_os:4.3.3
  • Apple iPhone OS 4.3.5
    cpe:2.3:o:apple:iphone_os:4.3.5
  • Apple iPhone OS 5.0
    cpe:2.3:o:apple:iphone_os:5.0
  • Apple iPhone OS 5.0.1
    cpe:2.3:o:apple:iphone_os:5.0.1
  • Apple iPhone OS 5.1
    cpe:2.3:o:apple:iphone_os:5.1
  • Apple iPhone OS 5.1.1
    cpe:2.3:o:apple:iphone_os:5.1.1
  • Apple iPhone OS 6.0
    cpe:2.3:o:apple:iphone_os:6.0
  • Apple iPhone OS 6.0.1
    cpe:2.3:o:apple:iphone_os:6.0.1
  • Apple iPhone OS 6.0.2
    cpe:2.3:o:apple:iphone_os:6.0.2
  • Apple iPhone OS 6.1
    cpe:2.3:o:apple:iphone_os:6.1
  • Apple iPhone OS 6.1.2
    cpe:2.3:o:apple:iphone_os:6.1.2
  • Apple iPhone OS 6.1.3
    cpe:2.3:o:apple:iphone_os:6.1.3
CVSS
Base: 5.0 (as of 26-09-2013 - 14:11)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBXML2-120223.NASL
    description This update of libxml2 fixes the hash table collision flaw which could be exploited by attackers to cause a Denial of Service. (CVE-2012-0841)
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 64203
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64203
    title SuSE 11.1 Security Update : libxml2 (SAT Patch Number 5869)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-179.NASL
    description - add fix for hash table collisions CVE-2012-0841 (bnc#748561)
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 74577
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74577
    title openSUSE Security Update : libxml2 (openSUSE-SU-2012:0421-1)
  • NASL family Windows
    NASL id ITUNES_11_1_2.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 11.1.2. It is, therefore, potentially affected by several issues : - An uninitialized memory access issue exists in the handling of text tracks, which could lead to memory corruption and possibly arbitrary code execution. (CVE-2013-1024) - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 70588
    published 2013-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70588
    title Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0324.NASL
    description From Red Hat Security Advisory 2012:0324 : Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 68489
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68489
    title Oracle Linux 5 / 6 : libxml2 (ELSA-2012-0324)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0217.NASL
    description From Red Hat Security Advisory 2013:0217 : Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. 
A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. 
A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 68721
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68721
    title Oracle Linux 6 : mingw32-libxml2 (ELSA-2013-0217)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0012_REMOTE.NASL
    description The remote VMware ESX / ESXi host is affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in the bundled libxml2 library in the xmlXPathNextPrecedingSibling(), xmlNodePtr(), and xmlXPathNextPrecedingInternal() functions due to improper processing of namespaces and attributes nodes. A remote attacker can exploit these, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2010-4008) - Multiple remote code execution vulnerabilities exist in the bundled libxml2 library in the xmlCharEncFirstLineInt() and xmlCharEncInFunc() functions due to an off-by-one overflow condition. A remote attacker can exploit these, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-0216) - A remote code execution vulnerability exists in the bundled libxml2 library due to improper sanitization of user-supplied input when processing an XPath nodeset. A remote attacker can exploit this, via a specially crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2011-1944) - A remote code execution vulnerability exists in the bundled libxml2 library in the xmlXPathCompOpEval() function due to improper processing of invalid XPath expressions. A remote attacker can exploit this, via a specially crafted XSLT stylesheet, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-2834) - A denial of service vulnerability exists in the bundled libxml2 library due to multiple out-of-bounds read errors in parser.c that occur when getting a Stop order. A remote attacker can exploit this, via a specially crafted XML document, to cause a denial of service condition. 
(CVE-2011-3905) - A remote code execution vulnerability exists in the bundled libxml2 library in the xmlStringLenDecodeEntities() function in parser.c due to an overflow condition that occurs when copying entities. A remote attacker can exploit this, via a specially crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2011-3919) - A denial of service vulnerability exists in the bundled libxml2 library due to improper processing of crafted parameters. A remote attacker can exploit this to cause a hash collision, resulting in a denial of service condition. (CVE-2012-0841)
    last seen 2018-09-01
    modified 2018-08-16
    plugin id 89037
    published 2016-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89037
    title VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check)
  • NASL family Misc.
    NASL id APPLETV_6_0.NASL
    description According to its banner, the remote Apple TV 2nd generation or later device is prior to 6.0. It is, therefore, reportedly affected by multiple vulnerabilities, the most serious issues of which could result in arbitrary code execution.
    last seen 2018-09-02
    modified 2018-06-27
    plugin id 70257
    published 2013-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70257
    title Apple TV < 6.0 Multiple Vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2417.NASL
    description It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions. As a result it is possible to perform denial of service attacks against applications using libxml2 functionality because of the computational overhead.
    last seen 2018-09-01
    modified 2018-07-09
    plugin id 58097
    published 2012-02-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58097
    title Debian DSA-2417-1 : libxml2 - computational denial of service
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-52.NASL
    description It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841)
    last seen 2018-09-02
    modified 2018-04-18
    plugin id 69659
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69659
    title Amazon Linux AMI : libxml2 (ALAS-2012-52)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_11_1_2_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 11.1.2. It is, therefore, affected by multiple vulnerabilities : - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2013-1024) - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 70589
    published 2013-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70589
    title Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-13824.NASL
    description lot of security bug fixes Lots of security patches Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2015-10-20
    plugin id 62324
    published 2012-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62324
    title Fedora 16 : libxml2-2.7.8-8.fc16 (2012-13824)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_LIBXML2-120224.NASL
    description This update of libxml2 fixes the hash table collision flaw which could be exploited by attackers to cause a Denial of Service (CVE-2012-0841).
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 75938
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75938
    title openSUSE Security Update : libxml2 (openSUSE-SU-2012:0342-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0217.NASL
    description Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. 
(CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. 
Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-01
    modified 2018-07-02
    plugin id 64384
    published 2013-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64384
    title CentOS 6 : mingw32-libxml2 (CESA-2013:0217)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1376-1.NASL
    description Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-08-01
    plugin id 58145
    published 2012-02-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58145
    title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libxml2 vulnerability (USN-1376-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-13820.NASL
    description Lot of security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2015-10-20
    plugin id 62323
    published 2012-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62323
    title Fedora 17 : libxml2-2.7.8-9.fc17 (2012-13820)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBXML2-7997.NASL
    description This update of libxml2 fixes the hash table collision flaw which could be exploited by attackers to cause a Denial of Service. (CVE-2012-0841)
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 59163
    published 2012-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59163
    title SuSE 10 Security Update : libxml2 (ZYPP Patch Number 7997)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120221_LIBXML2_ON_SL5_X.NASL
    description The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 61268
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61268
    title Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_LIBXML2_20121120.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site. (CVE-2011-0216) - Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. (CVE-2011-2821) - Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. (CVE-2011-2834) - Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. (CVE-2011-3102) - libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. (CVE-2011-3905) - Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. (CVE-2011-3919) - libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. (CVE-2012-0841)
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 80688
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80688
    title Oracle Solaris Third-Party Patch Update : libxml2 (cve_2011_0216_denial_of)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_JSA10669.NASL
    description According to its self-reported version number, the remote Junos device is affected by multiple vulnerabilities in the libxml2 library : - A heap-based buffer overflow vulnerability exists which can result in arbitrary code execution. (CVE-2011-1944) - A denial of service vulnerability exists which can result in excessive CPU consumption. (CVE-2012-0841) - A heap-based buffer overflow vulnerability exists in the 'xmlParseAttValueComplex' function which can result in arbitrary code execution. (CVE-2012-5134) - A denial of service vulnerability exists due to excessive CPU and memory consumption in the processing of XML files containing entity declarations with long replacement text (also known as 'internal entity expansion with linear complexity'). (CVE-2013-0338) - A denial of service vulnerability exists related to the XML_PARSER_EOF state checking. (CVE-2013-2877) These vulnerabilities can be exploited by a remote attacker via a specially crafted XML file.
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 80957
    published 2015-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80957
    title Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669)
  • NASL family Misc.
    NASL id VMWARE_ESXI_5_0_BUILD_764879_REMOTE.NASL
    description The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Errors exist in the Libxml2 library functions 'xmlXPathNextPrecedingSibling', 'xmlNodePtr' and 'xmlXPathNextPrecedingInternal' that could allow denial of service attacks or arbitrary code execution. (CVE-2010-4008) - Buffer overflow errors exist in the libxml2 library functions 'xmlCharEncFirstLineInt' and 'xmlCharEncInFunc' that could allow denial of service attacks or arbitrary code execution. (CVE-2011-0216) - A buffer overflow error exists in the libxml2 library file 'xpath.c' related to handling 'XPath' nodesets that could allow denial of service attacks or arbitrary code execution. (CVE-2011-1944) - A double-free error exists in the libxml2 library function 'xmlXPathCompOpEval' related to handling invalid 'XPath' expressions that could allow denial of service attacks or arbitrary code execution. (CVE-2011-2834) - An out-of-bounds read error exists in the libxml2 library file 'parser.c' related to handling 'Stop' orders that could allow denial of service attacks. (CVE-2011-3905) - A buffer overflow error exists in the libxml2 library function 'xmlStringLenDecodeEntities' related to copying entities that could allow denial of service attacks or arbitrary code execution. (CVE-2011-3919) - An error exists in the libxml2 library related to hash collisions that could allow denial of service attacks. (CVE-2012-0841)
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 70884
    published 2013-11-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70884
    title ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0013_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party libraries : - Apache Struts - glibc - GnuTLS - JRE - kernel - libxml2 - OpenSSL - Perl - popt and rpm
    last seen 2018-09-01
    modified 2018-08-16
    plugin id 89038
    published 2016-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89038
    title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0013.NASL
    description a. vCenter and ESX update to JRE 1.6.0 Update 31 The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012. b. vCenter Update Manager update to JRE 1.5.0 Update 36 The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in the Oracle Java SE Critical Patch Update Advisory for June 2012. c. Update to ESX/ESXi userworld OpenSSL library The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version 0.9.8t to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, and CVE-2012-0050 to these issues. d. Update to ESX service console OpenSSL RPM The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue. e. Update to ESX service console kernel The ESX service console kernel is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-1020, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, CVE-2011-2699, and CVE-2012-1583 to these issues. f. Update to ESX service console Perl RPM The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to resolve multiple security issues. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-2761, CVE-2010-4410, and CVE-2011-3597 to these issues. g. Update to ESX service console libxml2 RPMs The ESX service console libxml2 RPMs are updated to libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0841 to this issue. h. Update to ESX service console glibc RPM The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, and CVE-2012-0864 to these issues. i. Update to ESX service console GnuTLS RPM The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4128, CVE-2012-1569, and CVE-2012-1573 to these issues. j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to the following versions to resolve multiple security issues : - popt-1.10.2.3-28.el5_8 - rpm-4.4.2.3-28.el5_8 - rpm-libs-4.4.2.3-28.el5_8 - rpm-python-4.4.2.3-28.el5_8 The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-0060, CVE-2012-0061, and CVE-2012-0815 to these issues. k. Vulnerability in third-party Apache Struts component The version of Apache Struts in vCenter Operations has been updated to 2.3.4 which addresses an arbitrary file overwrite vulnerability. This vulnerability allows an attacker to create a denial of service by overwriting arbitrary files without authentication. 
The attacker would need to be on the same network as the system where vCOps is installed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0393 to this issue. Note: Apache Struts 2.3.4 addresses the following issues as well : CVE-2011-5057, CVE-2012-0391, CVE-2012-0392, CVE-2012-0394. It was found that these do not affect vCOps. VMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 61747
    published 2012-08-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61747
    title VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_11_1_4_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 11.1.4. It is, therefore, affected by multiple vulnerabilities : - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. Please note that these vulnerabilities only affect the application when it is running on a Windows host. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128) - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2013-1024) - An error exists related to the iTunes Tutorials window that can allow an attacker in a privileged network location to inject content. Note that this vulnerability only affects the application installed on a Mac OS X host. (CVE-2014-1242)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 72105
    published 2014-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72105
    title Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2013-1627-1.NASL
    description libxml2 has been updated to fix the following security issue : - CVE-2013-0338: libxml2 allowed context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka 'internal entity expansion' with linear complexity. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 83599
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83599
    title SUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130131_MINGW32_LIBXML2_ON_SL6_X.NASL
    description IMPORTANT NOTE: The mingw32 packages in Scientific Linux 6 will no longer be updated proactively and will be deprecated with the release of Scientific Linux 6.4. These packages were provided to support other capabilities in Scientific Linux and were not intended for direct use. You are advised to not use these packages with immediate effect. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. 
A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905)
    last seen 2018-09-01
    modified 2015-01-26
    plugin id 64425
    published 2013-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64425
    title Scientific Linux Security Update : mingw32-libxml2 on SL6.x (x86_64)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201203-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201203-04 (libxml2: Denial of Service) libxml2 does not properly randomize hash functions to protect against hash collision attacks. Impact : A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2 resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 58214
    published 2012-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58214
    title GLSA-201203-04 : libxml2: Denial of Service
  • NASL family Windows
    NASL id ITUNES_11_1_4.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 11.1.4. It is, therefore, potentially affected by several issues : - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128) - An error exists related to text tracks in movie files that could allow denial of service or arbitrary code execution. (CVE-2013-1024) - An error exists related to the iTunes Tutorials window that could allow an attacker in a privileged network location to inject content. (CVE-2014-1242)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 72104
    published 2014-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72104
    title Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0217.NASL
    description Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. 
(CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. 
Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-12
    modified 2018-09-10
    plugin id 64391
    published 2013-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64391
    title RHEL 6 : mingw32-libxml2 (RHSA-2013:0217)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0012.NASL
    description a. ESXi update to third-party component libxml2 The libxml2 third-party library has been updated which addresses multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2012-0841 to these issues.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 59966
    published 2012-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59966
    title VMSA-2012-0012 : VMware ESXi update to third-party library
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0324.NASL
    description Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2018-09-02
    modified 2018-07-25
    plugin id 58086
    published 2012-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58086
    title RHEL 5 / 6 : libxml2 (RHSA-2012:0324)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0324.NASL
    description Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    last seen 2018-09-01
    modified 2018-07-02
    plugin id 58096
    published 2012-02-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58096
    title CentOS 6 : libxml2 (CESA-2012:0324)
redhat via4
advisories
  • bugzilla
    id 787067
    title CVE-2012-0841 libxml2: hash table collisions CPU usage DoS
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment libxml2-devel is earlier than 0:2.6.26-2.1.15.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120324006
          • comment libxml2-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080032016
        • AND
          • comment libxml2-python is earlier than 0:2.6.26-2.1.15.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120324004
          • comment libxml2-python is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080032018
        • AND
          • comment libxml2 is earlier than 0:2.6.26-2.1.15.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120324002
          • comment libxml2 is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20080032014
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment libxml2-devel is earlier than 0:2.7.6-4.el6_2.4
            oval oval:com.redhat.rhsa:tst:20120324016
          • comment libxml2-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120018010
        • AND
          • comment libxml2-python is earlier than 0:2.7.6-4.el6_2.4
            oval oval:com.redhat.rhsa:tst:20120324018
          • comment libxml2-python is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120018008
        • AND
          • comment libxml2 is earlier than 0:2.7.6-4.el6_2.4
            oval oval:com.redhat.rhsa:tst:20120324012
          • comment libxml2 is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120018006
        • AND
          • comment libxml2-static is earlier than 0:2.7.6-4.el6_2.4
            oval oval:com.redhat.rhsa:tst:20120324014
          • comment libxml2-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120018012
    rhsa
    id RHSA-2012:0324
    released 2012-02-21
    severity Moderate
    title RHSA-2012:0324: libxml2 security update (Moderate)
  • rhsa
    id RHSA-2013:0217
rpms
  • libxml2-devel-0:2.6.26-2.1.15.el5_8.2
  • libxml2-python-0:2.6.26-2.1.15.el5_8.2
  • libxml2-0:2.6.26-2.1.15.el5_8.2
  • libxml2-devel-0:2.7.6-4.el6_2.4
  • libxml2-python-0:2.7.6-4.el6_2.4
  • libxml2-0:2.7.6-4.el6_2.4
  • libxml2-static-0:2.7.6-4.el6_2.4
  • mingw32-libxml2-0:2.7.6-6.el6_3
  • mingw32-libxml2-static-0:2.7.6-6.el6_3
refmap via4
apple
  • APPLE-SA-2013-09-18-2
  • APPLE-SA-2013-10-22-8
bid 52107
confirm
debian DSA-2417
mandriva MDVSA-2013:150
misc http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846
mlist [oss-security] 20120222 libxml2: hash table collisions CPU usage DoS
sectrack 1026723
secunia
  • 54886
  • 55568
suse SUSE-SU-2013:1627
vmware via4
  • description The libxml2 third party library has been updated which addresses multiple security issues
    id VMSA-2012-0012
    last_updated 2012-09-13T00:00:00
    published 2012-07-12T00:00:00
    title ESXi update to third party component libxml2
  • description The ESX service console libxml2 RPMs are updated to libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to resolve a security issue.
    id VMSA-2012-0013
    last_updated 2012-12-20T00:00:00
    published 2012-08-30T00:00:00
    title Update to ESX service console libxml2 RPM
Last major update 27-01-2014 - 23:42
Published 21-12-2012 - 00:46