QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-4008

Back to search

CVE-2010-4008

Published: Nov 16, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

VendorProductVersions

n/a

n/a

affected
n/a

References

40775
third-party-advisory
x_refsource_SECUNIA
42175
third-party-advisory
x_refsource_SECUNIA
[xml] 20101104 Release of libxml2-2.7.8
mailing-list
x_refsource_MLIST
HPSBMA02662
vendor-advisory
x_refsource_HP
44779
vdb-entry
x_refsource_BID
ADV-2011-0230
vdb-entry
x_refsource_VUPEN
ADV-2010-3046
vdb-entry
x_refsource_VUPEN
RHSA-2013:0217
vendor-advisory
x_refsource_REDHAT
USN-1016-1
vendor-advisory
x_refsource_UBUNTU
42109
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2010:023
vendor-advisory
x_refsource_SUSE
RHSA-2011:1749
vendor-advisory
x_refsource_REDHAT
APPLE-SA-2011-03-21-1
vendor-advisory
x_refsource_APPLE
APPLE-SA-2011-03-02-1
vendor-advisory
x_refsource_APPLE
ADV-2010-3100
vdb-entry
x_refsource_VUPEN
42314
third-party-advisory
x_refsource_SECUNIA
DSA-2128
vendor-advisory
x_refsource_DEBIAN
MDVSA-2010:243
vendor-advisory
x_refsource_MANDRIVA
APPLE-SA-2011-03-09-2
vendor-advisory
x_refsource_APPLE
SSRT100409
vendor-advisory
x_refsource_HP
ADV-2010-3076
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:12148
vdb-entry
signature
x_refsource_OVAL
HPSBGN02970
vendor-advisory
x_refsource_HP
42429
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2010-11-22-1
vendor-advisory
x_refsource_APPLE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now