QwikSec

Security Database

CVE

CWE

Training

CVE-2012-5134

Published: Nov 28, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=880466

x_refsource_CONFIRM

APPLE-SA-2013-10-22-8

vendor-advisory

x_refsource_APPLE

SUSE-SU-2013:1627

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2012:1637

vendor-advisory

x_refsource_SUSE

http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

http://support.apple.com/kb/HT6001

x_refsource_CONFIRM

google-libxml-buffer-underflow(80294)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

http://support.apple.com/kb/HT5934

x_refsource_CONFIRM

openSUSE-SU-2013:0178

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

third-party-advisory

x_refsource_SECUNIA

https://code.google.com/p/chromium/issues/detail?id=158249

x_refsource_CONFIRM

APPLE-SA-2013-09-18-2

vendor-advisory

x_refsource_APPLE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.