CVE-2013-0338

MEDIUM

Details

Source: MITRE

Published: 2013-04-25

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*

cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:* versions up to 2.9.0 (inclusive)

cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Tenable Plugins

View all (22 total)

IDNameProductFamilySeverity
89666VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check)NessusMisc.
medium
83599SUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)NessusSuSE Local Security Checks
high
81002Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2015 CPU)NessusWeb Servers
high
80957Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669)NessusJunos Local Security Checks
high
80690Oracle Solaris Third-Party Patch Update : libxml2 (cve_2013_0338_denial_of)NessusSolaris Local Security Checks
medium
79964GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)NessusGentoo Local Security Checks
high
74946openSUSE Security Update : libxml2 (openSUSE-SU-2013:0552-1)NessusSuSE Local Security Checks
medium
72037ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check)NessusMisc.
low
70879ESXi 5.0 < Build 1311175 Multiple Vulnerabilities (remote check)NessusMisc.
medium
70836GLSA-201311-06 : libxml2: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
69747Amazon Linux AMI : libxml2 (ALAS-2013-188)NessusAmazon Linux Local Security Checks
medium
69193VMSA-2013-0009 : VMware vSphere, ESX and ESXi updates to third-party librariesNessusVMware ESX Local Security Checks
medium
68767Oracle Linux 5 / 6 : libxml2 (ELSA-2013-0581)NessusOracle Linux Local Security Checks
medium
66301SuSE 10 Security Update : libxml2 (ZYPP Patch Number 8513)NessusSuSE Local Security Checks
medium
66300SuSE 11.2 Security Update : libxml2 (SAT Patch Number 7517)NessusSuSE Local Security Checks
medium
66070Mandriva Linux Security Advisory : libxml2 (MDVSA-2013:056)NessusMandriva Local Security Checks
medium
65845FreeBSD : libxml2 -- cpu consumption Dos (843a4641-9816-11e2-9c51-080027019be0)NessusFreeBSD Local Security Checks
medium
65730Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : libxml2 vulnerability (USN-1782-1)NessusUbuntu Local Security Checks
medium
65695Debian DSA-2652-1 : libxml2 - external entity expansionNessusDebian Local Security Checks
medium
64971CentOS 5 / 6 : libxml2 (CESA-2013:0581)NessusCentOS Local Security Checks
medium
64964Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64 (20130228)NessusScientific Linux Local Security Checks
medium
64945RHEL 5 / 6 : libxml2 (RHSA-2013:0581)NessusRed Hat Local Security Checks
medium