#VU33319 Resource management error in libxslt - CVE-2012-2870

Cybersecurity Help s.r.o.

Published: 2012-08-31 | Updated: 2020-08-03

Vulnerability identifier: #VU33319

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-2870

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libxslt
Universal components / Libraries / Libraries used by multiple products

Vendor: Gnome Development Team

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libxslt: 1.1.0 - 1.1.26

External links
https://code.google.com/p/chromium/issues/detail?id=138672
https://code.google.com/p/chromium/issues/detail?id=140368
https://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
https://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
https://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
https://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html
https://secunia.com/advisories/50838
https://secunia.com/advisories/54886
https://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?r1=75684&r2=149998
https://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/functions.c?view=log
https://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123
https://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxslt/libxslt/pattern.c?view=log
https://support.apple.com/kb/HT5934
https://support.apple.com/kb/HT6001
https://www.debian.org/security/2012/dsa-2555
https://www.mandriva.com/security/advisories?name=MDVSA-2012:164
https://chromiumcodereview.appspot.com/10823168
https://chromiumcodereview.appspot.com/10830177

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management error in libxslt (Alpine package)

Resource management error in libxslt for Libxml2