CVE-2012-2870

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

References

http://code.google.com/p/chromium/issues/detail?id=138672

http://code.google.com/p/chromium/issues/detail?id=140368

http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html

http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html

http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html

http://secunia.com/advisories/50838

http://secunia.com/advisories/54886

http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998

http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log

http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123

http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log

http://support.apple.com/kb/HT5934

http://support.apple.com/kb/HT6001

http://www.debian.org/security/2012/dsa-2555

http://www.mandriva.com/security/advisories?name=MDVSA-2012:164

https://chromiumcodereview.appspot.com/10823168

https://chromiumcodereview.appspot.com/10830177

Details

Source: MITRE

Published: 2012-08-31

Updated: 2014-01-28

Type: CWE-399

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 6.1.4 (inclusive)

Configuration 2

OR

cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 21.0.1180.88 (inclusive)

cpe:2.3:a:xmlsoft:libxslt:1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.12:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.13:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.14:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.15:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.16:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.17:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.18:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.19:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.20:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.21:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.22:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.23:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:1.1.24:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:* versions up to 1.1.26 (inclusive)

Tenable Plugins

View all (30 total)

IDNameProductFamilySeverity
89661VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)NessusMisc.
critical
80695Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)NessusSolaris Local Security Checks
medium
74759openSUSE Security Update : chromium (openSUSE-SU-2012:1215-1)NessusSuSE Local Security Checks
high
72105Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
72104Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)NessusWindows
high
71907GLSA-201401-07 : libxslt: Denial of ServiceNessusGentoo Local Security Checks
medium
70886ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)NessusMisc.
medium
70589Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
70588Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)NessusWindows
high
70257Apple TV < 6.0 Multiple VulnerabilitiesNessusMisc.
high
69984Apple iOS < 7 Multiple VulnerabilitiesNessusMobile Devices
high
69613Amazon Linux AMI : libxslt (ALAS-2012-123)NessusAmazon Linux Local Security Checks
medium
68622Oracle Linux 5 / 6 : libxslt (ELSA-2012-1265)NessusOracle Linux Local Security Checks
medium
66061Mandriva Linux Security Advisory : libxslt (MDVSA-2013:047)NessusMandriva Local Security Checks
medium
64642VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party librariesNessusVMware ESX Local Security Checks
critical
8095iTunes for Windows < 11.1.4 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
63195Fedora 18 : libxslt-1.1.27-2.fc18 (2012-15716)NessusFedora Local Security Checks
medium
62504Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)NessusMandriva Local Security Checks
medium
62440Debian DSA-2555-1 : libxslt - several vulnerabilitiesNessusDebian Local Security Checks
medium
62435Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxslt vulnerabilities (USN-1595-1)NessusUbuntu Local Security Checks
medium
62328Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)NessusFedora Local Security Checks
medium
62326Fedora 16 : libxslt-1.1.26-9.fc16 (2012-14048)NessusFedora Local Security Checks
medium
62107Scientific Linux Security Update : libxslt on SL5.x, SL6.x i386/x86_64 (20120913)NessusScientific Linux Local Security Checks
medium
62090RHEL 5 / 6 : libxslt (RHSA-2012:1265)NessusRed Hat Local Security Checks
medium
62085CentOS 5 / 6 : libxslt (CESA-2012:1265)NessusCentOS Local Security Checks
medium
800953Google Chrome < 21.0.1180.89 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6563Google Chrome < 21.0.1180.89 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
61774Google Chrome < 21.0.1180.89 Multiple VulnerabilitiesNessusWindows
high
61744FreeBSD : chromium -- multiple vulnerabilities (ee68923d-f2f5-11e1-8014-00262d5ed8ee)NessusFreeBSD Local Security Checks
high
8013Apple iOS < 7.0 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
critical