oss-sec mailing list archives

CVE request: libxslt "xsltDocumentFunction()" and "xsltAddKey()" Denial of Service Vulnerabilities

From: Agostino Sarubbo <ago () gentoo org>
Date: Mon, 25 Mar 2013 17:04:05 +0100

From the secunia advisory: https://secunia.com/advisories/52805/


1) An error within the "xsltDocumentFunction()" function (libxslt/functions.c) 
when parsing XSL templates can be exploited to cause a crash.

Commit code:
http://git.gnome.org/browse/libxslt/commit/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833


2) A NULL-pointer dereference error within the "xsltAddKey()" function 
(libxslt/keys.c) when parsing XSL keys can be exploited to cause a crash.

Commit code:
http://git.gnome.org/browse/libxslt/commit/?id=dc11b6b379a882418093ecc8adf11f6166682e8d



Both issue are fixed in the version 1.1.28
-- 
Agostino Sarubbo
Gentoo Linux Developer

Current thread:

CVE request: libxslt "xsltDocumentFunction()" and "xsltAddKey()" Denial of Service Vulnerabilities Agostino Sarubbo (Mar 25)
- Re: CVE request: libxslt "xsltDocumentFunction()" and "xsltAddKey()" Denial of Service Vulnerabilities Kurt Seifried (Mar 25)