CVE-2011-1944 : Detail

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 35810

Publication date : 2011-05-30 22h00 +00:00
Author : Chris Evans
EDB Verified : Yes

Products Mentioned

Configuraton 0

Xmlsoft>>Libxml2 >> Version 2.6.0

• Xmlsoft>>Libxml2 >> Version 2.6.0 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.1

• Xmlsoft>>Libxml2 >> Version 2.6.1 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.2

• Xmlsoft>>Libxml2 >> Version 2.6.2 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.3

• Xmlsoft>>Libxml2 >> Version 2.6.3 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.4

• Xmlsoft>>Libxml2 >> Version 2.6.4 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.5

• Xmlsoft>>Libxml2 >> Version 2.6.5 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.6

• Xmlsoft>>Libxml2 >> Version 2.6.6 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.7

• Xmlsoft>>Libxml2 >> Version 2.6.7 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.8

• Xmlsoft>>Libxml2 >> Version 2.6.8 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.9

• Xmlsoft>>Libxml2 >> Version 2.6.9 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.11

• Xmlsoft>>Libxml2 >> Version 2.6.11 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.12

• Xmlsoft>>Libxml2 >> Version 2.6.12 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.13

• Xmlsoft>>Libxml2 >> Version 2.6.13 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.14

• Xmlsoft>>Libxml2 >> Version 2.6.14 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.16

• Xmlsoft>>Libxml2 >> Version 2.6.16 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.17

• Xmlsoft>>Libxml2 >> Version 2.6.17 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.18

• Xmlsoft>>Libxml2 >> Version 2.6.18 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.20

• Xmlsoft>>Libxml2 >> Version 2.6.20 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.22

• Xmlsoft>>Libxml2 >> Version 2.6.22 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.26

• Xmlsoft>>Libxml2 >> Version 2.6.26 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.27

• Xmlsoft>>Libxml2 >> Version 2.6.27 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.30

• Xmlsoft>>Libxml2 >> Version 2.6.30 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.6.32

• Xmlsoft>>Libxml2 >> Version 2.6.32 (Open CPE detail)

Configuraton 0

Xmlsoft>>Libxml2 >> Version 2.7.0

• Xmlsoft>>Libxml2 >> Version 2.7.0 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.1

• Xmlsoft>>Libxml2 >> Version 2.7.1 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.2

• Xmlsoft>>Libxml2 >> Version 2.7.2 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.3

• Xmlsoft>>Libxml2 >> Version 2.7.3 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.4

• Xmlsoft>>Libxml2 >> Version 2.7.4 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.5

• Xmlsoft>>Libxml2 >> Version 2.7.5 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.6

• Xmlsoft>>Libxml2 >> Version 2.7.6 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.7

• Xmlsoft>>Libxml2 >> Version 2.7.7 (Open CPE detail)

Xmlsoft>>Libxml2 >> Version 2.7.8

• Xmlsoft>>Libxml2 >> Version 2.7.8 (Open CPE detail)

Configuraton 0

Xmlsoft>>Libxml >> Version To (including) 1.8.16

Xmlsoft>>Libxml >> Version 1.5.0

Xmlsoft>>Libxml >> Version 1.6.0

Xmlsoft>>Libxml >> Version 1.6.1

Xmlsoft>>Libxml >> Version 1.6.2

Xmlsoft>>Libxml >> Version 1.7.0

Xmlsoft>>Libxml >> Version 1.7.1

Xmlsoft>>Libxml >> Version 1.7.2

Xmlsoft>>Libxml >> Version 1.7.3

Xmlsoft>>Libxml >> Version 1.7.4

Xmlsoft>>Libxml >> Version 1.8.0

Xmlsoft>>Libxml >> Version 1.8.1

Xmlsoft>>Libxml >> Version 1.8.2

Xmlsoft>>Libxml >> Version 1.8.3

Xmlsoft>>Libxml >> Version 1.8.4

Xmlsoft>>Libxml >> Version 1.8.5

Xmlsoft>>Libxml >> Version 1.8.6

Xmlsoft>>Libxml >> Version 1.8.7

Xmlsoft>>Libxml >> Version 1.8.8

Xmlsoft>>Libxml >> Version 1.8.9

Xmlsoft>>Libxml >> Version 1.8.10

Xmlsoft>>Libxml >> Version 1.8.11

Xmlsoft>>Libxml >> Version 1.8.12

Xmlsoft>>Libxml >> Version 1.8.13

Xmlsoft>>Libxml >> Version 1.8.14

Xmlsoft>>Libxml >> Version 1.8.15

References