CVE-2012-0841

MEDIUM

Description

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.

ID	Name	Product	Family	Severity
89038	VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)	Nessus	Misc.	high
89037	VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check)	Nessus	Misc.	high
83599	SUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)	Nessus	SuSE Local Security Checks	high
80957	Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669)	Nessus	Junos Local Security Checks	high
80688	Oracle Solaris Third-Party Patch Update : libxml2 (cve_2011_0216_denial_of)	Nessus	Solaris Local Security Checks	high
75938	openSUSE Security Update : libxml2 (openSUSE-SU-2012:0342-1)	Nessus	SuSE Local Security Checks	medium
74577	openSUSE Security Update : libxml2 (openSUSE-SU-2012:0421-1)	Nessus	SuSE Local Security Checks	medium
72105	Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
72104	Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
70884	ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)	Nessus	Misc.	high
70589	Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
70588	Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
70257	Apple TV < 6.0 Multiple Vulnerabilities	Nessus	Misc.	high
69984	Apple iOS < 7 Multiple Vulnerabilities	Nessus	Mobile Devices	high
69659	Amazon Linux AMI : libxml2 (ALAS-2012-52)	Nessus	Amazon Linux Local Security Checks	medium
68721	Oracle Linux 6 : mingw32-libxml2 (ELSA-2013-0217)	Nessus	Oracle Linux Local Security Checks	critical
68489	Oracle Linux 5 / 6 : libxml2 (ELSA-2012-0324)	Nessus	Oracle Linux Local Security Checks	medium
64425	Scientific Linux Security Update : mingw32-libxml2 on SL6.x (x86_64) (20130131)	Nessus	Scientific Linux Local Security Checks	critical
64391	RHEL 6 : mingw32-libxml2 (RHSA-2013:0217)	Nessus	Red Hat Local Security Checks	critical
64384	CentOS 6 : mingw32-libxml2 (CESA-2013:0217)	Nessus	CentOS Local Security Checks	critical
8095	iTunes for Windows < 11.1.4 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
64203	SuSE 11.1 Security Update : libxml2 (SAT Patch Number 5869)	Nessus	SuSE Local Security Checks	medium
62324	Fedora 16 : libxml2-2.7.8-8.fc16 (2012-13824)	Nessus	Fedora Local Security Checks	high
62323	Fedora 17 : libxml2-2.7.8-9.fc17 (2012-13820)	Nessus	Fedora Local Security Checks	high
61747	VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries	Nessus	VMware ESX Local Security Checks	high
61268	Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64 (20120221)	Nessus	Scientific Linux Local Security Checks	medium
59966	VMSA-2012-0012 : VMware ESXi update to third-party library	Nessus	VMware ESX Local Security Checks	critical
59163	SuSE 10 Security Update : libxml2 (ZYPP Patch Number 7997)	Nessus	SuSE Local Security Checks	medium
58214	GLSA-201203-04 : libxml2: Denial of Service	Nessus	Gentoo Local Security Checks	medium
58145	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libxml2 vulnerability (USN-1376-1)	Nessus	Ubuntu Local Security Checks	medium
58097	Debian DSA-2417-1 : libxml2 - computational denial of service	Nessus	Debian Local Security Checks	medium
58096	CentOS 6 : libxml2 (CESA-2012:0324)	Nessus	CentOS Local Security Checks	medium
58086	RHEL 5 / 6 : libxml2 (RHSA-2012:0324)	Nessus	Red Hat Local Security Checks	medium
8013	Apple iOS < 7.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	critical

CVE-2012-0841

Description

References

Details

Risk Information

CVSS v2.0