LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libxml2: code execution

Package(s):libxml2 CVE #(s):CVE-2011-3102
Created:May 22, 2012 Updated:March 1, 2013
Description: From the Ubuntu advisory:

Juri Aedla discovered that libxml2 contained an off by one error in its XPointer functionality. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

Alerts:
Ubuntu USN-1447-1 2012-05-21
Debian DSA-2479-1 2012-05-23
openSUSE openSUSE-SU-2012:0656-1 2012-05-29
openSUSE openSUSE-SU-2012:0731-1 2012-06-13
Mandriva MDVSA-2012:098 2012-06-21
Gentoo 201207-02 2012-07-09
Red Hat RHSA-2012:1288-01 2012-09-18
CentOS CESA-2012:1288 2012-09-18
Oracle ELSA-2012-1288 2012-09-18
Oracle ELSA-2012-1288 2012-09-18
Scientific Linux SL-libx-20120918 2012-09-18
CentOS CESA-2012:1288 2012-09-20
Fedora FEDORA-2012-13820 2012-09-26
Fedora FEDORA-2012-13824 2012-09-27
Red Hat RHSA-2013:0217-01 2013-01-31
CentOS CESA-2013:0217 2013-02-01
Oracle ELSA-2013-0217 2013-02-01
Scientific Linux SL-ming-20130201 2013-02-01
Oracle ELSA-2013-0581 2013-03-01
Mandriva MDVSA-2013:056 2013-04-08
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds