Candidate: CVE-2013-4520
PublicDate: 2013-12-14 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520
 http://www.openwall.com/lists/oss-security/2013/11/05
Description:
 xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause
 a denial of service (crash) via a stylesheet that embeds a DTD, which
 causes a structure to be accessed as a different type.  NOTE: this issue is
 due to an incomplete fix for CVE-2012-2825.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.novell.com/show_bug.cgi?id=849019
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_libxslt:
 other: https://gitorious.org/libxslt/libxslt/commit/7089a62b8f133b42a2981cf1f920a8b3fe9a8caa
upstream_libxslt: released (1.1.25)
lucid_libxslt: not-affected (1.1.26-1ubuntu1.2)
precise_libxslt: not-affected
quantal_libxslt: not-affected
raring_libxslt: not-affected
saucy_libxslt: not-affected
devel_libxslt: not-affected