CVE-2012-2871

MEDIUM

Description

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

ID	Name	Product	Family	Severity
89661	VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)	Nessus	Misc.	critical
80695	Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)	Nessus	Solaris Local Security Checks	medium
74759	openSUSE Security Update : chromium (openSUSE-SU-2012:1215-1)	Nessus	SuSE Local Security Checks	high
72105	Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
72104	Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
70886	ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)	Nessus	Misc.	medium
70836	GLSA-201311-06 : libxml2: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
70589	Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
70588	Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
70257	Apple TV < 6.0 Multiple Vulnerabilities	Nessus	Misc.	high
69984	Apple iOS < 7 Multiple Vulnerabilities	Nessus	Mobile Devices	high
69613	Amazon Linux AMI : libxslt (ALAS-2012-123)	Nessus	Amazon Linux Local Security Checks	medium
68622	Oracle Linux 5 / 6 : libxslt (ELSA-2012-1265)	Nessus	Oracle Linux Local Security Checks	medium
66061	Mandriva Linux Security Advisory : libxslt (MDVSA-2013:047)	Nessus	Mandriva Local Security Checks	medium
64642	VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries	Nessus	VMware ESX Local Security Checks	critical
8095	iTunes for Windows < 11.1.4 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
63195	Fedora 18 : libxslt-1.1.27-2.fc18 (2012-15716)	Nessus	Fedora Local Security Checks	medium
62504	Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)	Nessus	Mandriva Local Security Checks	medium
62440	Debian DSA-2555-1 : libxslt - several vulnerabilities	Nessus	Debian Local Security Checks	medium
62435	Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libxslt vulnerabilities (USN-1595-1)	Nessus	Ubuntu Local Security Checks	medium
62328	Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)	Nessus	Fedora Local Security Checks	medium
62326	Fedora 16 : libxslt-1.1.26-9.fc16 (2012-14048)	Nessus	Fedora Local Security Checks	medium
62107	Scientific Linux Security Update : libxslt on SL5.x, SL6.x i386/x86_64 (20120913)	Nessus	Scientific Linux Local Security Checks	medium
62090	RHEL 5 / 6 : libxslt (RHSA-2012:1265)	Nessus	Red Hat Local Security Checks	medium
62085	CentOS 5 / 6 : libxslt (CESA-2012:1265)	Nessus	CentOS Local Security Checks	medium
800953	Google Chrome < 21.0.1180.89 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
61774	Google Chrome < 21.0.1180.89 Multiple Vulnerabilities	Nessus	Windows	high
61744	FreeBSD : chromium -- multiple vulnerabilities (ee68923d-f2f5-11e1-8014-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high
8013	Apple iOS < 7.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	critical

CVE-2012-2871

Description

References

Details

Risk Information

CVSS v2.0