CVE-2010-4008

EPSS 0.76%

libxml2 - potential code execution

發布日:2010/11/17修改日:2026/4/28

也稱為:DEBIAN-CVE-2010-4008

描述

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

受影響套件(2)

Debian/libxml2from 0, < 2.7.8.dfsg-1
Debian/libxml2from 0, < 2.6.32.dfsg-5+lenny2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-4008