CVE-2012-5134

Priority
Medium
Description
Heap-based buffer underflow in the xmlParseAttValueComplex function in
parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before
23.0.1271.91 and other products, allows remote attackers to cause a denial
of service or possibly execute arbitrary code via crafted entities in an
XML document.
References
Bugs
Notes
 jdstrand> sarnold provided the update for libxml2
Assigned-to
chad
Package
Upstream:released (2.8.0+dfsg1-7)
Patches:
Upstream:http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d
Vendor:http://www.debian.org/security/2012/dsa-2580
Package
Upstream:released (23.0.1271.91)
More Information

Updated: 2018-06-26 04:48:00 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)