exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2012-2825

Status Candidate

Overview

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.

Related Files

Apple Security Advisory 2014-01-22-1
Posted Jan 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-01-22-1 - iTunes 11.1.4 is now available and addresses multiple security issues related to content control, code execution, and more. libxml and libxslt have also been updated to address memory corruption and code execution issues.

tags | advisory, code execution
systems | apple
advisories | CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1024, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128, CVE-2014-1242
SHA-256 | 88e0818e053952a3bd2eb65f69993d1a072ba9bb5eaaa9ed5388a10cd7518e9e
Apple Security Advisory 2013-09-20-1
Posted Sep 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-20-1 - Apple TV 6.0 is now available and addresses 57 different vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2011-2391, CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-0879, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010
SHA-256 | 1829e75185a589dc360c1424fc0d1fcbf1d9598859d451423d0cc59a18b7b1c9
Apple Security Advisory 2013-09-18-2
Posted Sep 19, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-18-2 - iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2011-2391, CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-0879, CVE-2013-0926, CVE-2013-0957, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007
SHA-256 | 28033ee75b46e43dd395d653bcaeafcb70f1b640306db4446062bdbfd7ff9c7f
Mandriva Linux Security Advisory 2013-047
Posted Apr 7, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-047 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. libxslt 1.1.26 and earlier does not properly manage memory, which might allow remote attackers to cause a denial of service via a crafted XSLT expression that is not properly identified during XPath navigation, related to the xsltCompileLocationPathPattern function in libxslt/pattern.c and the xsltGenerateIdFunction function in libxslt/functions.c. libxml2 2.9.0-rc1 and earlier does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. Double free vulnerability in libxslt allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-2893
SHA-256 | 98161c0b908ae321ff7e41c26e4bb80ca14d2a7fa8b6e59bc0997cca1201e034
Ubuntu Security Notice USN-1595-1
Posted Oct 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1595-1 - Chris Evans discovered that libxslt incorrectly handled generate-id XPath functions. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could obtain potentially sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. It was discovered that libxslt incorrectly parsed certain patterns. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-2893, CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-2893
SHA-256 | 5dada35384ea916fefdd03285e96612d7c197f764028a0915522b0f15010b138
Red Hat Security Advisory 2012-1265-01
Posted Sep 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1265-01 - libxslt is a library for transforming XML files into other textual formats using the standard XSLT stylesheet transformation mechanism. A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871
SHA-256 | 9920cb411b2c3aa2362ffe225a52581712a70d0901996f2acabf529dcdc400d4
Gentoo Linux Security Advisory 201208-03
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-3 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 21.0.1180.57 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2815, CVE-2012-2817, CVE-2012-2818, CVE-2012-2819, CVE-2012-2820, CVE-2012-2821, CVE-2012-2823, CVE-2012-2824, CVE-2012-2825, CVE-2012-2826, CVE-2012-2829, CVE-2012-2830, CVE-2012-2831, CVE-2012-2834, CVE-2012-2842, CVE-2012-2843, CVE-2012-2846, CVE-2012-2847, CVE-2012-2848, CVE-2012-2849, CVE-2012-2853, CVE-2012-2854, CVE-2012-2857, CVE-2012-2858, CVE-2012-2859, CVE-2012-2860
SHA-256 | 0e4ab358111560250603ed9103607bfa7bafe146bbf5da81c989bb38fe4435e1
Mandriva Linux Security Advisory 2012-109
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-109 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2825
SHA-256 | dc8ab75689783fd73ff8eed92cf10fede40cab98ea6318b17769701db4617cd5
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close