CVE-2010-4008: Buffer Overflow
First published: Tue Nov 16 2010(Updated: )
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome | <7.0.517.44 | |
| iOS | <4.2 | |
| Apple iOS and macOS | <10.6.7 | |
| Apple iTunes for Windows | <10.2 | |
| Apple Mobile Safari | <5.0.4 | |
| libxml2 | <2.7.8 | |
| Debian | =5.0 | |
| Debian | =6.0 | |
| Ubuntu | =10.10 | |
| Ubuntu | =6.06 | |
| Ubuntu | =8.04 | |
| Ubuntu | =10.04 | |
| Ubuntu | =9.10 | |
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| redhat enterprise Linux server eus | =6.3 | |
| openSUSE | =11.1 | |
| openSUSE | =11.2 | |
| openSUSE | =11.3 | |
| SUSE Linux Enterprise Server | =11-sp1 | |
| SUSE Linux Enterprise Server | =11 | |
| SUSE Linux Enterprise Server | =10-sp3 | |
| Apache OpenOffice | >=2.0.0<=2.4.3 | |
| Apache OpenOffice | >=3.0.0<3.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
- http://secunia.com/advisories/42175
- http://code.google.com/p/chromium/issues/detail?id=58731
- http://mail.gnome.org/archives/xml/2010-November/msg00015.html
- http://secunia.com/advisories/42109
- http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
- http://support.apple.com/kb/HT4456
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
- http://www.debian.org/security/2010/dsa-2128
- http://www.securityfocus.com/bid/44779
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:243
- http://www.vupen.com/english/advisories/2010/3046
- http://www.ubuntu.com/usn/USN-1016-1
- http://secunia.com/advisories/42429
- http://www.vupen.com/english/advisories/2010/3076
- http://secunia.com/advisories/42314
- http://www.vupen.com/english/advisories/2010/3100
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
- http://www.vupen.com/english/advisories/2011/0230
- http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
- http://support.apple.com/kb/HT4554
- http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
- http://support.apple.com/kb/HT4566
- http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
- http://support.apple.com/kb/HT4581
- http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
- http://marc.info/?l=bugtraq&m=130331363227777&w=2
- http://www.redhat.com/support/errata/RHSA-2011-1749.html
- http://rhn.redhat.com/errata/RHSA-2013-0217.html
- http://secunia.com/advisories/40775
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148
Frequently Asked Questions
What is the severity of CVE-2010-4008?
CVE-2010-4008 has a severity rating that indicates it could lead to a denial of service due to application crashes.
How do I fix CVE-2010-4008?
To fix CVE-2010-4008, update the affected software to versions higher than libxml2 2.7.8, Google Chrome 7.0.517.44, and Apple Safari 5.0.2.
What products are affected by CVE-2010-4008?
CVE-2010-4008 affects multiple products, including Google Chrome, Apple Safari, Apple iTunes, and libxml2 prior to 2.7.8.
Can CVE-2010-4008 cause data loss?
CVE-2010-4008 primarily causes application crashes, which can lead to data loss if unsaved work is present at the time of the crash.
Is there a workaround for CVE-2010-4008?
There is no officially recommended workaround for CVE-2010-4008 aside from applying the necessary software updates.
- agent/type
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/google chrome
- vendor/apple
- canonical/ios
- canonical/apple ios and macos
- canonical/apple itunes for windows
- canonical/apple mobile safari
- vendor/xmlsoft
- canonical/libxml2
- vendor/debian
- canonical/debian
- version/debian/5.0
- version/debian/6.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/10.10
- version/ubuntu/6.06
- version/ubuntu/8.04
- version/ubuntu/10.04
- version/ubuntu/9.10
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/6.3
- vendor/opensuse
- canonical/opensuse
- version/opensuse/11.1
- version/opensuse/11.2
- version/opensuse/11.3
- vendor/suse
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp1
- version/suse linux enterprise server/11
- version/suse linux enterprise server/10-sp3
- vendor/apache
- canonical/apache openoffice
- version/apache openoffice/2.0.0
- version/apache openoffice/2.4.3
- version/apache openoffice/3.0.0