Back to search
CVE-2012-6139
Published: Apr 12, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-1784-1
vendor-advisory
x_refsource_UBUNTU
52884
third-party-advisory
x_refsource_SECUNIA
52813
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.gnome.org/show_bug.cgi?id=685330
x_refsource_CONFIRM
SUSE-SU-2013:1654
vendor-advisory
x_refsource_SUSE
SUSE-SU-2013:1656
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0593
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0585
vendor-advisory
x_refsource_SUSE
MDVSA-2013:141
vendor-advisory
x_refsource_MANDRIVA
1028338
vdb-entry
x_refsource_SECTRACK
http://xmlsoft.org/XSLT/news.html
x_refsource_CONFIRM
52745
third-party-advisory
x_refsource_SECUNIA
FEDORA-2013-4507
vendor-advisory
x_refsource_FEDORA
52805
third-party-advisory
x_refsource_SECUNIA
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0107
x_refsource_CONFIRM
https://bugzilla.gnome.org/show_bug.cgi?id=685328
x_refsource_CONFIRM
DSA-2654
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now