CVE-2011-3919

Published: Jan 7, 2012Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Affected (11)

Products: Google: Chrome · Apple: Iphone Os, Mac Os X · Suse: Linux Enterprise Server · +2 more

Show all products

Google: Chrome · Apple: Iphone Os, Mac Os X · Suse: Linux Enterprise Server · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Debian: Debian Linux

1 product

2 products

1 product

Linux Enterprise Server

4 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 16.0.912.75

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 6.0
Apple Mac Os X	Before 10.7.4

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Server	Version 10 sp4

Configuration D

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Eus	Version 6.3
Redhat Enterprise Linux Workstation	Version 6.0

Configuration E

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 5.0
Debian Debian Linux	Version 6.0
Debian Debian Linux	Version 7.0

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (30)

http://code.google.com/p/chromium/issues/detail?id=107128

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html

Source: chrome-cve-admin@google.com

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Source: chrome-cve-admin@google.com

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: chrome-cve-admin@google.com

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html

Source: chrome-cve-admin@google.com

http://rhn.redhat.com/errata/RHSA-2013-0217.html

Source: chrome-cve-admin@google.com

http://secunia.com/advisories/47449

Source: chrome-cve-admin@google.com

http://secunia.com/advisories/55568

Source: chrome-cve-admin@google.com

http://support.apple.com/kb/HT5281

Source: chrome-cve-admin@google.com

http://support.apple.com/kb/HT5503

Source: chrome-cve-admin@google.com

http://www.debian.org/security/2012/dsa-2394

Source: chrome-cve-admin@google.com

http://www.mandriva.com/security/advisories?name=MDVSA-2012:005

Source: chrome-cve-admin@google.com

http://www.securityfocus.com/bid/51300

Source: chrome-cve-admin@google.com

http://www.securitytracker.com/id?1026487

Source: chrome-cve-admin@google.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504

Source: chrome-cve-admin@google.com

http://code.google.com/p/chromium/issues/detail?id=107128

Source: af854a3a-2127-422b-91ae-364da2661108

http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2013-0217.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/47449

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/55568

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT5281

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT5503

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2012/dsa-2394

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2012:005

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/51300

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026487

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.