Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title libxml2: User-assisted execution of arbitrary code
Informations
Name GLSA-201207-02 First vendor Publication 2012-07-09
Vendor Gentoo Last vendor Modification 2012-07-09
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

A off-by-one error in libxml2 could result in execution of arbitrary code or Denial of Service.

Background

libxml2 is the XML C parser and toolkit developed for the Gnome project.

Description

The "xmlXPtrEvalXPtrPart()" function in xpointer.c contains an off-by-one error.

Impact

A remote attacker could entice a user or automated system to open a specially crafted XML document with an application using libxml2, possibly resulting in execution of arbitrary code or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All libxml2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.8.0_rc1"

References

[ 1 ] CVE-2011-3102 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3102

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-02.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201207-02.xml

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17574
 
Oval ID: oval:org.mitre.oval:def:17574
Title: USN-1447-1 -- libxml2 vulnerability
Description: Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file.
Family: unix Class: patch
Reference(s): USN-1447-1
CVE-2011-3102
 Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Ubuntu 8.04
 Product(s): libxml2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18539
 
Oval ID: oval:org.mitre.oval:def:18539
Title: DSA-2479-1 libxml2 - off-by-one
Description: Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2479-1
CVE-2011-3102
 Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
 Product(s): libxml2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20521
 
Oval ID: oval:org.mitre.oval:def:20521
Title: VMware vSphere security updates for the authentication service and third party libraries
Description: Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3102
 Version: 4
Platform(s): VMWare ESX Server 4.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26593
 
Oval ID: oval:org.mitre.oval:def:26593
Title: Allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact
Description: Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3102
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): Google Chrome
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2324
Os 129

OpenVAS Exploits

Date Description
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0656-1 (update)
File : nvt/gb_suse_2012_0656_1.nasl
2012-10-03 Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-09-27 Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-09-22 Name : CentOS Update for libxml2 CESA-2012:1288 centos5
File : nvt/gb_CESA-2012_1288_libxml2_centos5.nasl
2012-09-22 Name : CentOS Update for libxml2 CESA-2012:1288 centos6
File : nvt/gb_CESA-2012_1288_libxml2_centos6.nasl
2012-09-22 Name : RedHat Update for libxml2 RHSA-2012:1288-01
File : nvt/gb_RHSA-2012_1288-01_libxml2.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201207-02 (libxml2)
File : nvt/glsa_201207_02.nasl
2012-06-22 Name : Mandriva Update for libxml2 MDVSA-2012:098 (libxml2)
File : nvt/gb_mandriva_MDVSA_2012_098.nasl
2012-05-31 Name : Debian Security Advisory DSA 2479-1 (libxml2)
File : nvt/deb_2479_1.nasl
2012-05-31 Name : FreeBSD Ports: libxml2
File : nvt/freebsd_libxml23.nasl
2012-05-22 Name : Ubuntu Update for libxml2 USN-1447-1
File : nvt/gb_ubuntu_USN_1447_1.nasl
2012-05-17 Name : Google Chrome Multiple Vulnerabilities - May 12 (Linux)
File : nvt/gb_google_chrome_mult_vuln_may12_lin.nasl
2012-05-17 Name : Google Chrome Multiple Vulnerabilities - May 12 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln_may12_macosx.nasl
2012-05-17 Name : Google Chrome Multiple Vulnerabilities - May 12 (Windows)
File : nvt/gb_google_chrome_mult_vuln_may12_win.nasl

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-02-07 IAVM : 2013-A-0031 - Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0036787

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0001_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1627-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_libxml2_20121120.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1325.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1324.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-320.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-295.nasl - Type : ACT_GATHER_INFO
2014-01-23 Name : The remote host contains an application that has multiple vulnerabilities.
File : itunes_11_1_4.nasl - Type : ACT_GATHER_INFO
2014-01-23 Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_11_1_4_banner.nasl - Type : ACT_GATHER_INFO
2013-11-13 Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit...
File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO
2013-11-13 Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities.
File : vmware_esxi_5_0_build_1022489_remote.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote host contains an application that has multiple vulnerabilities.
File : itunes_11_1_2.nasl - Type : ACT_GATHER_INFO
2013-10-24 Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_11_1_2_banner.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote device is affected by multiple vulnerabilities.
File : appletv_6_0.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-134.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1288.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0217.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-056.nasl - Type : ACT_GATHER_INFO
2013-02-16 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2013-0001.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130131_mingw32_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO
2013-02-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0217.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libxml2-120530.nasl - Type : ACT_GATHER_INFO
2012-09-27 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13824.nasl - Type : ACT_GATHER_INFO
2012-09-27 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13820.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1288.nasl - Type : ACT_GATHER_INFO
2012-09-19 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120918_libxml2_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1288.nasl - Type : ACT_GATHER_INFO
2012-07-10 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201207-02.nasl - Type : ACT_GATHER_INFO
2012-06-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_libxml2-8156.nasl - Type : ACT_GATHER_INFO
2012-06-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-098.nasl - Type : ACT_GATHER_INFO
2012-05-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2479.nasl - Type : ACT_GATHER_INFO
2012-05-22 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1447-1.nasl - Type : ACT_GATHER_INFO
2012-05-21 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_b8ae4659a0da11e1a294bcaec565249c.nasl - Type : ACT_GATHER_INFO
2012-05-16 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_19_0_1084_46.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:37:28
  • Multiple Updates
2013-09-27 21:23:26
  • Multiple Updates