This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:xmlsoft:libxml2:2.6.27
Detail
Vendor Xmlsoft First view 2008-09-12
Product libxml2 Last view 2014-01-21
Version 2.6.27 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:xmlsoft:libxml2

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2014-01-21 CVE-2013-0339 Network Medium None Requ...
5 2013-07-10 CVE-2013-2877 Network Low None Requ...
4.3 2013-04-25 CVE-2013-0338 Network Medium None Requ...
5 2012-12-21 CVE-2012-0841 Network Low None Requ...
6.8 2012-11-27 CVE-2012-5134 Network Medium None Requ...
Hide | Show 5 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2011-09-02 CVE-2011-1944 Network Medium None Requ...
4.3 2010-11-16 CVE-2010-4008 Network Medium None Requ...
4.3 2009-08-11 CVE-2009-2416 Network Medium None Requ...
4.3 2009-08-11 CVE-2009-2414 Network Medium None Requ...
10 2008-09-12 CVE-2008-3529 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
60% (6)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (2)CWE-399Resource Management Errors
10% (1)CWE-264Permissions, Privileges, and Access Controls
10% (1)CWE-189Numeric Errors

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:8076DSA-1654 libxml2 -- buffer overflow
oval:org.mitre.oval:def:6103Libxml2 Heap Overflow in xmlParseAttValueComplex() Lets Remote Users Execute ...
oval:org.mitre.oval:def:18505DSA-1654-1 libxml2 - execution of arbitrary code
oval:org.mitre.oval:def:13882USN-815-1 -- libxml2 vulnerabilities
oval:org.mitre.oval:def:11760Heap-based buffer overflow in the xmlParseAttValueComplex function in parser....
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:21739ELSA-2008:0884: libxml2 security update (Important)
oval:org.mitre.oval:def:8639VMware libxml2 stack consumption vulnerability
oval:org.mitre.oval:def:8132DSA-1859 libxml2 -- several vulnerabilities
oval:org.mitre.oval:def:8116DSA-1861 libxml -- several vulnerabilities
oval:org.mitre.oval:def:13712DSA-1861-1 libxml -- several
oval:org.mitre.oval:def:13681DSA-1859-1 libxml2 -- several
oval:org.mitre.oval:def:10129Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, an...
oval:org.mitre.oval:def:9262Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2....
oval:org.mitre.oval:def:7783VMware libxml2 use-after-free vulnerability
oval:org.mitre.oval:def:22743ELSA-2009:1206: libxml and libxml2 security update (Moderate)
oval:org.mitre.oval:def:13253USN-1016-1 -- libxml2 vulnerability
oval:org.mitre.oval:def:12709DSA-2128-1 libxml2 -- invalid memory access
oval:org.mitre.oval:def:12148Vulnerability in libxml2 in Google Chrome before 7.0.517.44
oval:org.mitre.oval:def:13526USN-1153-1 -- libxml2 vulnerability
oval:org.mitre.oval:def:20976RHSA-2012:0324: libxml2 security update (Moderate)
oval:org.mitre.oval:def:20110VMware vSphere and vCOps updates to third party libraries
oval:org.mitre.oval:def:15454USN-1376-1 -- libxml2 vulnerability
oval:org.mitre.oval:def:14887DSA-2417-1 libxml2 -- computational denial of service
oval:org.mitre.oval:def:23733ELSA-2012:0324: libxml2 security update (Moderate)
oval:org.mitre.oval:def:23087DEPRECATED: ELSA-2012:0324: libxml2 security update (Moderate)

Open Source Vulnerability Database (OSVDB)

idDescription
73248libxml2 xpath.c Xpath Nodeset Processing Overflow
69205libxml2 Crafted XML File XPath Axis Traversal DoS
56990libxml2 DTD Element Declaration Handling Stack Consumption DoS
56985libxml2 XML File Multiple Attribute Type Handling DoS
48158libxml2 parser.c xmlParseAttValueComplex Function XML Entity Name Handling DoS

Milw0rm Exploits

idDescription
2009-05-26Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC

ExploitDB Exploits

idDescription
8798Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-14Name : SuSE Update for Chromium openSUSE-SU-2012:1637-1 (Chromium)
File : nvt/gb_suse_2012_1637_1.nasl
2012-12-06Name : Ubuntu Update for libxml2 USN-1656-1
File : nvt/gb_ubuntu_USN_1656_1.nasl
2012-12-04Name : RedHat Update for libxml2 RHSA-2012:1512-01
File : nvt/gb_RHSA-2012_1512-01_libxml2.nasl
2012-12-04Name : Mandriva Update for libxml2 MDVSA-2012:176 (libxml2)
File : nvt/gb_mandriva_MDVSA_2012_176.nasl
2012-12-04Name : Debian Security Advisory DSA 2580-1 (libxml2)
File : nvt/deb_2580_1.nasl
Hide | Show 20 More...
idDescription
2012-12-04Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium24.nasl
2012-12-04Name : CentOS Update for libxml2 CESA-2012:1512 centos5
File : nvt/gb_CESA-2012_1512_libxml2_centos5.nasl
2012-12-04Name : CentOS Update for libxml2 CESA-2012:1512 centos6
File : nvt/gb_CESA-2012_1512_libxml2_centos6.nasl
2012-12-04Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Linux)
File : nvt/gb_google_chrome_mult_vuln01_dec12_lin.nasl
2012-12-04Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln01_dec12_macosx.nasl
2012-12-04Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Windows)
File : nvt/gb_google_chrome_mult_vuln01_dec12_win.nasl
2012-10-03Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-09-27Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-08-31Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-07-30Name : CentOS Update for libxml2 CESA-2012:0017 centos5
File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl
2012-07-30Name : CentOS Update for libxml2 CESA-2012:0324 centos6
File : nvt/gb_CESA-2012_0324_libxml2_centos6.nasl
2012-07-13Name : VMSA-2012-0012 VMware ESXi update addresses several security issues.
File : nvt/gb_VMSA-2012-0012.nasl
2012-07-09Name : RedHat Update for libxml2 RHSA-2011:1749-03
File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl
2012-05-18Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-03-12Name : Gentoo Security Advisory GLSA 201203-04 (libxml2)
File : nvt/glsa_201203_04.nasl
2012-03-12Name : Debian Security Advisory DSA 2417-1 (libxml2)
File : nvt/deb_2417_1.nasl
2012-03-07Name : Ubuntu Update for libxml2 USN-1376-1
File : nvt/gb_ubuntu_USN_1376_1.nasl
2012-02-27Name : RedHat Update for libxml2 RHSA-2012:0324-01
File : nvt/gb_RHSA-2012_0324-01_libxml2.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-26 (libxml2)
File : nvt/glsa_201110_26.nasl
2012-01-13Name : RedHat Update for libxml2 RHSA-2012:0017-01
File : nvt/gb_RHSA-2012_0017-01_libxml2.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0153Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-A-0148Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-A-0073Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0032171
2009-T-0049Multiple Vulnerabilities in libxml2
Severity : Category I - VMSKEY : V0019911

Snort® IPS/IDS

DateDescription
2014-01-10libxml2 file processing long entity overflow attempt
RuleID : 15866 - Type : FILE-OTHER - Revision : 12

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-263.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-179.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-592.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-845.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-854.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libxml2-101103.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libxml2-110629.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_libxml2-110629.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_libxml2-120224.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0513.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140519_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-05-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e7bb3885da4011e39ecb2c4138874f7d.nasl - Type : ACT_GATHER_INFO
2014-01-29Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libxml2-140106.nasl - Type : ACT_GATHER_INFO
2014-01-23Name : The remote host contains an application that has multiple vulnerabilities.
File : itunes_11_1_4.nasl - Type : ACT_GATHER_INFO
2014-01-23Name : The remote host contains an application with potentially multiple vulnerabili...
File : itunes_11_1_4_banner.nasl - Type : ACT_GATHER_INFO
2013-11-13Name : The remote VMware ESXi 5.0 host is affected by a buffer underflow vulnerability.
File : vmware_esxi_5_0_build_1022489_remote.nasl - Type : ACT_GATHER_INFO
2013-11-13Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit...
File : vmware_esxi_5_0_build_1311177_remote.nasl - Type : ACT_GATHER_INFO
2013-11-13Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit...
File : vmware_esxi_5_0_build_764879_remote.nasl - Type : ACT_GATHER_INFO
2013-11-13Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit...
File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO
2013-11-11Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201311-06.nasl - Type : ACT_GATHER_INFO
2013-10-24Name : The remote host contains an application that has multiple vulnerabilities.
File : itunes_11_1_2.nasl - Type : ACT_GATHER_INFO
2013-10-24Name : The remote host contains an application with multiple vulnerabilities.
File : itunes_11_1_2_banner.nasl - Type : ACT_GATHER_INFO
2013-10-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2779.nasl - Type : ACT_GATHER_INFO