QwikSec

Security Database

CVE

CWE

Training

CVE-2013-1969

Published: Apr 25, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f

x_refsource_CONFIRM

openSUSE-SU-2013:0729

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0945

vendor-advisory

x_refsource_SUSE

https://bugzilla.gnome.org/show_bug.cgi?id=690202

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20130417 CVE request : libxml2 Multiple Use-After-Free Vulnerabilities

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20130418 Re: CVE request : libxml2 Multiple Use-After-Free Vulnerabilities

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.