CVE-2011-2821

Published: Aug 29, 2011Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

Affected (10)

Products: Google: Chrome · Debian: Debian Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation · +1 more

Show all products

Google: Chrome · Debian: Debian Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation · Apple: Iphone Os, Mac Os X

1 product

1 product

4 products

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Workstation

2 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 13.0.782.215

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 5.0
Debian Debian Linux	Version 6.0
Debian Debian Linux	Version 7.0

Configuration C

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Eus	Version 6.3
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Workstation	Version 6.0

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 6.0
Apple Mac Os X	Before 10.7.4

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (24)

http://code.google.com/p/chromium/issues/detail?id=89402

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html

Source: chrome-cve-admin@google.com

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

Source: chrome-cve-admin@google.com

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Source: chrome-cve-admin@google.com

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: chrome-cve-admin@google.com

http://rhn.redhat.com/errata/RHSA-2013-0217.html

Source: chrome-cve-admin@google.com

http://support.apple.com/kb/HT5281

Source: chrome-cve-admin@google.com

http://support.apple.com/kb/HT5503

Source: chrome-cve-admin@google.com

http://www.debian.org/security/2012/dsa-2394

Source: chrome-cve-admin@google.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:145

Source: chrome-cve-admin@google.com

http://www.redhat.com/support/errata/RHSA-2011-1749.html

Source: chrome-cve-admin@google.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13840

Source: chrome-cve-admin@google.com

http://code.google.com/p/chromium/issues/detail?id=89402

Source: af854a3a-2127-422b-91ae-364da2661108

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2013-0217.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT5281

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT5503

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2012/dsa-2394

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:145

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-1749.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13840

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.