Your submission was sent successfully! Close

CVE-2013-1969

Published: 25 April 2013

Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.

Priority

Medium

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
hardy Not vulnerable

lucid Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring
Released (2.9.0+dfsg1-4ubuntu4.1)
upstream Needed