what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2011-3102

Status Candidate

Overview

Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

Related Files

Apple Security Advisory 2014-01-22-1
Posted Jan 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-01-22-1 - iTunes 11.1.4 is now available and addresses multiple security issues related to content control, code execution, and more. libxml and libxslt have also been updated to address memory corruption and code execution issues.

tags | advisory, code execution
systems | apple
advisories | CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1024, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128, CVE-2014-1242
SHA-256 | 88e0818e053952a3bd2eb65f69993d1a072ba9bb5eaaa9ed5388a10cd7518e9e
Apple Security Advisory 2013-09-20-1
Posted Sep 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-20-1 - Apple TV 6.0 is now available and addresses 57 different vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2011-2391, CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-0879, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010
SHA-256 | 1829e75185a589dc360c1424fc0d1fcbf1d9598859d451423d0cc59a18b7b1c9
Apple Security Advisory 2013-09-18-2
Posted Sep 19, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-18-2 - iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2011-2391, CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-0879, CVE-2013-0926, CVE-2013-0957, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007
SHA-256 | 28033ee75b46e43dd395d653bcaeafcb70f1b640306db4446062bdbfd7ff9c7f
Mandriva Linux Security Advisory 2013-056
Posted Apr 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-056 - A heap-buffer overflow was found in the way libxml2 decoded certain XML entities. A remote attacker could provide a specially-crafted XML file, which once opened in an application linked against libxml would cause that application to crash, or, potentially, execute arbitrary code with the privileges of the user running the application. A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption. An Off-by-one error in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-5134, CVE-2013-0338, CVE-2011-3102, CVE-2012-2807
SHA-256 | af9acf74042cc531e03902efd1151ff0e9a6cd65cb241177b80784cbcf067a2b
Red Hat Security Advisory 2013-0217-01
Posted Feb 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.

tags | advisory
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3102, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841, CVE-2012-5134
SHA-256 | 1cd549ed331d887cc45d0de02f4cca9d6965b1454f082a5f2089b316b13ce1f0
Red Hat Security Advisory 2012-1288-01
Posted Sep 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1288-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3102, CVE-2012-2807
SHA-256 | e52f1b1cd88cdf7b50791d1283d7b0ac4e42fae0d3311c3b115ce75ab90bd4de
Gentoo Linux Security Advisory 201207-02
Posted Jul 10, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201207-2 - A off-by-one error in libxml2 could result in execution of arbitrary code or Denial of Service. Versions less than 2.8.0_rc1 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2011-3102
SHA-256 | cfd38f516134dfeeb2d9f28624baacdde8b8eb364f71e5aa464775b51c53fa34
Mandriva Linux Security Advisory 2012-098
Posted Jun 21, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-098 - An Off-by-one error in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-3102
SHA-256 | 92164d666f63cc7c78be961e77d166e66cfe2c8d03992309cf257dcce674abd7
Debian Security Advisory 2479-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2479-1 - Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2011-3102
SHA-256 | 5e62d60e907638254c3219bad9aae0a157a50cc91b3cbaa54606ea417f886ce3
Ubuntu Security Notice USN-1447-1
Posted May 22, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1447-1 - Juri Aedla discovered that libxml2 contained an off by one error in its XPointer functionality. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3102
SHA-256 | ff75da73d756437f5b6ffa8976743570d87fd97f5dd934cc2d3190340c09d3dc
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close