Informazioni sul CVE-2010-4008
N/A
CWE ID: N/A
Base Score (CVSS): N/A
CVE: CVE-2010-4008
Descrizione: libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Punteggio Base (calcolato da AziendaSicura): 0.0 (None)
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- http://secunia.com/advisories/40775
- http://secunia.com/advisories/42175
- http://mail.gnome.org/archives/xml/2010-November/msg00015.html
- http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
- http://marc.info/?l=bugtraq&m=130331363227777&w=2
- http://www.securityfocus.com/bid/44779
- http://www.vupen.com/english/advisories/2011/0230
- http://www.vupen.com/english/advisories/2010/3046
- http://rhn.redhat.com/errata/RHSA-2013-0217.html
- http://www.ubuntu.com/usn/USN-1016-1
- http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
- http://secunia.com/advisories/42109
- http://support.apple.com/kb/HT4566
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
- http://www.redhat.com/support/errata/RHSA-2011-1749.html
- http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
- http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
- http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
- http://www.vupen.com/english/advisories/2010/3100
- http://secunia.com/advisories/42314
- http://support.apple.com/kb/HT4554
- http://www.debian.org/security/2010/dsa-2128
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:243
- http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
- http://marc.info/?l=bugtraq&m=130331363227777&w=2
- http://www.vupen.com/english/advisories/2010/3076
- http://support.apple.com/kb/HT4456
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148
- http://code.google.com/p/chromium/issues/detail?id=58731
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- http://secunia.com/advisories/42429
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
- http://support.apple.com/kb/HT4581
Prodotti interessati
- n/a – n/a
Relazioni con altri prodotti
Nessun prodotto trovato per il CVE: cve-2010-4008