CVE-2012-2871 (retired)

Priority
Description
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before
21.0.1180.89, does not properly support a cast of an unspecified variable
during handling of XSL transforms, which allows remote attackers to cause a
denial of service or possibly have unknown other impact via a crafted
document, related to the _xmlNs data structure in include/libxml/tree.h.
Notes
 mdeslaur> libxslt, not libxml2
 jdstrand> mdeslaur provided the update for libxslt
Assigned-to
chad
More Information

Updated: 2019-03-26 12:02:35 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)