ID CVE-2011-1944
Summary Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
References
Vulnerable Configurations
  • cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.9:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.10:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.10:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.11:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.11:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.12:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.12:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.13:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.13:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.14:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.14:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:1.8.15:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:1.8.15:*:*:*:*:*:*:*
  • cpe:2.3:a:xmlsoft:libxml:*:*:*:*:*:*:*:*
    cpe:2.3:a:xmlsoft:libxml:*:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 17-06-2016 - 01:59)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2011:1749
  • rhsa
    id RHSA-2013:0217
rpms
  • libxml2-0:2.7.6-4.el6
  • libxml2-debuginfo-0:2.7.6-4.el6
  • libxml2-devel-0:2.7.6-4.el6
  • libxml2-python-0:2.7.6-4.el6
  • libxml2-static-0:2.7.6-4.el6
  • libxml2-0:2.6.26-2.1.12.el5_7.2
  • libxml2-debuginfo-0:2.6.26-2.1.12.el5_7.2
  • libxml2-devel-0:2.6.26-2.1.12.el5_7.2
  • libxml2-python-0:2.6.26-2.1.12.el5_7.2
  • mingw32-libxml2-0:2.7.6-6.el6_3
  • mingw32-libxml2-debuginfo-0:2.7.6-6.el6_3
  • mingw32-libxml2-static-0:2.7.6-6.el6_3
refmap via4
apple
  • APPLE-SA-2012-05-09-1
  • APPLE-SA-2012-09-19-1
bid 48056
confirm
debian DSA-2255
fedora FEDORA-2011-7856
hp
  • HPSBMU02786
  • SSRT100877
mandriva MDVSA-2011:131
misc http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html
mlist [oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues
osvdb 73248
secunia 44711
suse openSUSE-SU-2011:0839
ubuntu USN-1153-1
Last major update 17-06-2016 - 01:59
Published 02-09-2011 - 16:55
Last modified 17-06-2016 - 01:59
Back to Top