CVE-2011-3919

Priority
Medium
Description
Heap-based buffer overflow in libxml2, as used in Google Chrome before
16.0.912.75, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via unknown vectors.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
http://www.ubuntu.com/usn/usn-1334-1
Bugs
http://code.google.com/p/chromium/issues/detail?id=107128
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3919
Assigned-to
jdstrand
Package
Source: libxml2 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.31.dfsg-2ubuntu1.7)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.7.6.dfsg-1ubuntu1.3)
Ubuntu 10.10 (Maverick Meerkat):released (2.7.7.dfsg-4ubuntu0.3)
Ubuntu 11.04 (Natty Narwhal):released (2.7.8.dfsg-2ubuntu0.2)
Ubuntu 11.10 (Oneiric Ocelot):released (2.7.8.dfsg-4ubuntu0.1)
Ubuntu 12.04 LTS (Precise Pangolin):released (2.7.8.dfsg-5.1ubuntu2)
Patches:
Upstream:http://git.gnome.org/browse/libxml2/commit/?id=5bd3c061823a8499b27422aee04ea20aae24f03e
Package
Source: chromium-browser (LP Ubuntu Debian)
Upstream:released (16.0.912.75)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):pending (16.0.912.77~r118311-0ubuntu0.10.04.1)
Ubuntu 10.10 (Maverick Meerkat):pending (16.0.912.77~r118311-0ubuntu0.10.10.1)
Ubuntu 11.04 (Natty Narwhal):pending (16.0.912.77~r118311-0ubuntu0.11.04.1)
Ubuntu 11.10 (Oneiric Ocelot):pending (16.0.912.77~r118311-0ubuntu0.11.10.1)
Ubuntu 12.04 LTS (Precise Pangolin):released (16.0.912.77~r118311-0ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-02-01 03:14:18 UTC (commit 4777)