{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-08-30T00:00:00", "descriptions": [{"lang": "en", "value": "libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-23T19:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/chromium/issues/detail?id=138672"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://chromiumcodereview.appspot.com/10823168"}, {"name": "50838", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50838"}, {"name": "APPLE-SA-2013-10-22-8", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"}, {"name": "DSA-2555", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2555"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT6001"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"}, {"name": "54886", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/54886"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT5934"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/chromium/issues/detail?id=140368"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://chromiumcodereview.appspot.com/10830177"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log"}, {"name": "openSUSE-SU-2012:1215", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"}, {"name": "MDVSA-2012:164", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123"}, {"name": "APPLE-SA-2013-09-18-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2012-2870", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://code.google.com/p/chromium/issues/detail?id=138672", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=138672"}, {"name": "https://chromiumcodereview.appspot.com/10823168", "refsource": "CONFIRM", "url": "https://chromiumcodereview.appspot.com/10823168"}, {"name": "50838", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50838"}, {"name": "APPLE-SA-2013-10-22-8", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"}, {"name": "DSA-2555", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2555"}, {"name": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998"}, {"name": "http://support.apple.com/kb/HT6001", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT6001"}, {"name": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"}, {"name": "54886", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54886"}, {"name": "http://support.apple.com/kb/HT5934", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5934"}, {"name": "http://code.google.com/p/chromium/issues/detail?id=140368", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=140368"}, {"name": "https://chromiumcodereview.appspot.com/10830177", "refsource": "CONFIRM", "url": "https://chromiumcodereview.appspot.com/10830177"}, {"name": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log"}, {"name": "openSUSE-SU-2012:1215", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"}, {"name": "MDVSA-2012:164", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"}, {"name": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log"}, {"name": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123", "refsource": "CONFIRM", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123"}, {"name": "APPLE-SA-2013-09-18-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:50:05.245Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.google.com/p/chromium/issues/detail?id=138672"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://chromiumcodereview.appspot.com/10823168"}, {"name": "50838", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50838"}, {"name": "APPLE-SA-2013-10-22-8", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"}, {"name": "DSA-2555", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2555"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT6001"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"}, {"name": "54886", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/54886"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT5934"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.google.com/p/chromium/issues/detail?id=140368"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://chromiumcodereview.appspot.com/10830177"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log"}, {"name": "openSUSE-SU-2012:1215", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"}, {"name": "MDVSA-2012:164", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123"}, {"name": "APPLE-SA-2013-09-18-2", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2012-2870", "datePublished": "2012-08-31T19:00:00", "dateReserved": "2012-05-19T00:00:00", "dateUpdated": "2024-08-06T19:50:05.245Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D746FCB4-9ACA-425D-929F-F46EDDEC1B56", "versionEndIncluding": "6.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "51D3BE2B-5A01-4AD4-A436-0056B50A535D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A20F171-79FE-43B9-8309-B18341639FA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "126EF22D-29BC-4366-97BC-B261311E6251", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3B3DD7B3-DA4C-4B0A-A94E-6BF66B358B7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A939B80-0AD0-48AF-81A7-370716F56639", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D28528CE-4943-4F82-80C0-A629DA3E6702", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "107C59BE-D8CF-4A17-8DFB-BED2AB12388D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "36C86BB9-0328-4E34-BC2B-47B3471EC262", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A54A8681-2D8A-4B0B-A947-82F3CE1FB03C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E0070D83-2E27-4DA8-8D10-A6A697216F36", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "8C9ACA63-4528-4090-B1EA-1FE57A6B0555", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7252935C-E421-4339-B61F-0299E28888DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DD342BF-096A-4082-B700-19629F2BDE87", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "93141AB6-26F2-4C6D-95B3-D383EABB4034", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D5C61FF-7CD3-410A-94F2-5DE701466B1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "28A01C87-B02A-4239-8340-B396D0E6B21C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "06980521-B0EA-434D-89AD-A951EAF1D23F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3AE6A93-3977-4B32-B2F6-55C94387DDE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E78F1F2C-2BFF-4D55-A754-102D6C42081B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0A4AF71-8E71-432A-B908-361DAF99F4B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C1C3966E-C136-47A9-B5B4-70613756ED27", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "22AD2A1F-A637-47DE-A69F-DAE4ABDFA4BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D398B8-821B-4DE9-ADF1-4983051F964C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0CCE5F2-4D32-404B-BAAC-E64F11BD41FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E9EB400-8080-4519-ADE0-DF99113483AE", "versionEndIncluding": "21.0.1180.88", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*", "matchCriteriaId": "A0692DD3-562D-4BE7-BB61-1549EFFF9CD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*", "matchCriteriaId": "5FF70696-70A8-4DFA-A0C3-172A103F3F24", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*", "matchCriteriaId": "25241621-CBB0-4E39-B901-2F70EE476722", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*", "matchCriteriaId": "1355883C-C184-46C1-9CF7-AA59B0FC61B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*", "matchCriteriaId": "DB090D01-9F7E-49CF-8356-80CC03999121", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*", "matchCriteriaId": "A37AB354-581C-42CA-B8E9-9AEAC0B326AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*", "matchCriteriaId": "885EFC87-061C-4EEF-880A-68D7D53BACDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*", "matchCriteriaId": "D58B0932-1DF3-4308-8D82-B20564E974F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*", "matchCriteriaId": "A8FAD1E6-788F-4295-BFD2-F3CE99B14934", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*", "matchCriteriaId": "DF8AB897-7A45-4360-AFA7-EB7C8690ADD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*", "matchCriteriaId": "9EF0FA83-C464-4270-A4E8-1441DF4ECFAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*", "matchCriteriaId": "86B70015-F651-467C-A846-5C97772D91EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*", "matchCriteriaId": "C07A549D-48EF-434C-ABBA-0FF7078060D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*", "matchCriteriaId": "B573E86E-3512-4DB9-911E-1B27A3BB69DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*", "matchCriteriaId": "D2BDB997-D125-4B5D-9680-9AED7D89FD0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*", "matchCriteriaId": "0BAF7E49-6795-4848-AADD-40D8B2D5F5BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*", "matchCriteriaId": "B7B244B3-86E0-4E1D-96A5-E0B9B50F2ADB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*", "matchCriteriaId": "A0FF1C67-9CB7-4C78-9F3C-C88AB5A6284D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*", "matchCriteriaId": "3371BBF5-0B82-4005-96AE-9B604A2FA70B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*", "matchCriteriaId": "5916EA0D-D763-4650-9AC4-A38C6E8EB052", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*", "matchCriteriaId": "443C5B0F-8FC6-40E3-AA95-BB8884176002", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.81:*:*:*:*:*:*:*", "matchCriteriaId": "7CEE1054-F275-4C04-9F1E-994AD053827A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.82:*:*:*:*:*:*:*", "matchCriteriaId": "FA50A727-8EBA-4E97-A003-FAA2258D9128", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.83:*:*:*:*:*:*:*", "matchCriteriaId": "DEFF35D2-661A-4FCC-AB31-D354D1F204F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.84:*:*:*:*:*:*:*", "matchCriteriaId": "150E8749-5A22-4834-A165-1F9FAFE3F91D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.85:*:*:*:*:*:*:*", "matchCriteriaId": "DF534291-1F7A-486D-9574-CA9E734DBC6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.86:*:*:*:*:*:*:*", "matchCriteriaId": "A9ACB74A-3F0C-44FE-BC9D-4993AD58064F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.87:*:*:*:*:*:*:*", "matchCriteriaId": "D1BF669C-3DAD-46B6-B2B9-A226CAC7B0D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*", "matchCriteriaId": "9251F19D-BEA4-4ED4-9A4B-EA89E795C6D0", "versionEndIncluding": "1.1.26", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "CBFCEA36-7573-491B-8438-4E3FDF8E97ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "EF38997D-634C-423C-BD82-44E74A99D8DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "A9B4CF5A-150E-4814-BA15-EF9FB30AD0CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "9D4401FF-84D8-4AD5-BAED-978E31E5DADB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "CC004874-3C5D-4932-AD5B-BE7156D7D13E", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "269892E0-1ABA-4D0F-8266-A4DA8A575967", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "4597D362-AD62-4D58-BC7F-CCED44488466", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "0D885D06-D6E5-432C-9923-AE2CE73F7654", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "6F5003EF-82E2-49F9-9F74-CB92FE98E2E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "5C0D6095-2A7B-4328-ADA0-283E8F79AFDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "91C70E5E-A987-4BF3-9300-E4A3F2B0B853", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "C5EFA6E9-593B-484A-A8FB-A22BAEE208B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "6C55B5B1-76F1-480B-B7F9-EF4AFE79E3F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "58E904DA-889E-44B9-9AF6-EC753FB316BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "A3BC6F57-1DDD-4EA6-83F9-2672B11DF7B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "69A51C1E-21C9-4FA4-8340-345B5E1F1B70", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxslt:1.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "C9D7C38F-EF88-4531-803D-BA911978A176", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c."}, {"lang": "es", "value": "libxslt v1.1.26 y anteriores, tal como se utiliza en Google Chrome anterior a v21.0.1180.89, no gestiona adecuadamente la memoria, lo que podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una elaborada expresi\u00f3n XSLT que no est\u00e9 debidamente identificado durante XPath navegaci\u00f3n, en relaci\u00f3n con (1) la funci\u00f3n xsltCompileLocationPathPattern en libxslt / pattern.c y (2) la funci\u00f3n xsltGenerateIdFunction en libxslt / functions.c."}], "id": "CVE-2012-2870", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-31T19:55:01.077", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://code.google.com/p/chromium/issues/detail?id=138672"}, {"source": "chrome-cve-admin@google.com", "url": "http://code.google.com/p/chromium/issues/detail?id=140368"}, {"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/50838"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/54886"}, {"source": "chrome-cve-admin@google.com", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998"}, {"source": "chrome-cve-admin@google.com", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log"}, {"source": "chrome-cve-admin@google.com", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123"}, {"source": "chrome-cve-admin@google.com", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log"}, {"source": "chrome-cve-admin@google.com", "url": "http://support.apple.com/kb/HT5934"}, {"source": "chrome-cve-admin@google.com", "url": "http://support.apple.com/kb/HT6001"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2012/dsa-2555"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"}, {"source": "chrome-cve-admin@google.com", "url": "https://chromiumcodereview.appspot.com/10823168"}, {"source": "chrome-cve-admin@google.com", "url": "https://chromiumcodereview.appspot.com/10830177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://code.google.com/p/chromium/issues/detail?id=138672"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://code.google.com/p/chromium/issues/detail?id=140368"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50838"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/54886"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5934"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT6001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:164"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://chromiumcodereview.appspot.com/10823168"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://chromiumcodereview.appspot.com/10830177"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:1265", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "libxslt-0:1.1.17-4.el5_8.3", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-09-13T00:00:00Z"}, {"advisory": "RHSA-2012:1265", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "libxslt-0:1.1.26-2.el6_3.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-09-13T00:00:00Z"}], "bugzilla": {"description": "libxslt: Use-after-free when processing an invalid XPath expression", "id": "852937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852937"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-416", "details": ["libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c."], "name": "CVE-2012-2870", "public_date": "2012-08-31T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-2870\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2870"], "threat_severity": "Low"}