oss-sec mailing list archives
Re: CVE request: libxslt "xsltDocumentFunction()" and "xsltAddKey()" Denial of Service Vulnerabilities
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 25 Mar 2013 14:23:58 -0600
On 03/25/2013 10:04 AM, Agostino Sarubbo wrote:
> From the Secunia advisory: https://secunia.com/advisories/52805/
>
> 1) An error within the "xsltDocumentFunction()" function (libxslt/functions.c) when parsing XSL templates can be exploited to cause a crash.
> Commit code: http://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833
>
> 2) A NULL-pointer dereference error within the "xsltAddKey()" function (libxslt/keys.c) when parsing XSL keys can be exploited to cause a crash.
> Commit code: http://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8d
>
> Both issues are fixed in the version 1.1.28

CVE MERGING these two issues since same reporter/vuln/version. Please use CVE-2012-6139 for these two issues.

--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993