CVE-2013-4520
First published: Sat Dec 14 2013(Updated: )
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xmlsoft Libxslt | <=1.1.24 | |
| Xmlsoft Libxslt | =0.0.1 | |
| Xmlsoft Libxslt | =0.1.0 | |
| Xmlsoft Libxslt | =0.2.0 | |
| Xmlsoft Libxslt | =0.3.0 | |
| Xmlsoft Libxslt | =0.4.0 | |
| Xmlsoft Libxslt | =0.5.0 | |
| Xmlsoft Libxslt | =0.6.0 | |
| Xmlsoft Libxslt | =0.7.0 | |
| Xmlsoft Libxslt | =0.8.0 | |
| Xmlsoft Libxslt | =0.9.0 | |
| Xmlsoft Libxslt | =0.10.0 | |
| Xmlsoft Libxslt | =0.11.0 | |
| Xmlsoft Libxslt | =0.12.0 | |
| Xmlsoft Libxslt | =0.13.0 | |
| Xmlsoft Libxslt | =0.14.0 | |
| Xmlsoft Libxslt | =1.0.0 | |
| Xmlsoft Libxslt | =1.0.1 | |
| Xmlsoft Libxslt | =1.0.2 | |
| Xmlsoft Libxslt | =1.0.3 | |
| Xmlsoft Libxslt | =1.0.4 | |
| Xmlsoft Libxslt | =1.0.5 | |
| Xmlsoft Libxslt | =1.0.6 | |
| Xmlsoft Libxslt | =1.0.7 | |
| Xmlsoft Libxslt | =1.0.8 | |
| Xmlsoft Libxslt | =1.0.9 | |
| Xmlsoft Libxslt | =1.0.10 | |
| Xmlsoft Libxslt | =1.0.11 | |
| Xmlsoft Libxslt | =1.0.12 | |
| Xmlsoft Libxslt | =1.0.13 | |
| Xmlsoft Libxslt | =1.0.14 | |
| Xmlsoft Libxslt | =1.0.15 | |
| Xmlsoft Libxslt | =1.0.16 | |
| Xmlsoft Libxslt | =1.0.17 | |
| Xmlsoft Libxslt | =1.0.18 | |
| Xmlsoft Libxslt | =1.0.19 | |
| Xmlsoft Libxslt | =1.0.20 | |
| Xmlsoft Libxslt | =1.0.21 | |
| Xmlsoft Libxslt | =1.0.22 | |
| Xmlsoft Libxslt | =1.0.23 | |
| Xmlsoft Libxslt | =1.0.24 | |
| Xmlsoft Libxslt | =1.0.25 | |
| Xmlsoft Libxslt | =1.0.26 | |
| Xmlsoft Libxslt | =1.0.27 | |
| Xmlsoft Libxslt | =1.0.28 | |
| Xmlsoft Libxslt | =1.0.29 | |
| Xmlsoft Libxslt | =1.0.30 | |
| Xmlsoft Libxslt | =1.0.31 | |
| Xmlsoft Libxslt | =1.0.32 | |
| Xmlsoft Libxslt | =1.0.33 | |
| Xmlsoft Libxslt | =1.1.0 | |
| Xmlsoft Libxslt | =1.1.1 | |
| Xmlsoft Libxslt | =1.1.2 | |
| Xmlsoft Libxslt | =1.1.3 | |
| Xmlsoft Libxslt | =1.1.4 | |
| Xmlsoft Libxslt | =1.1.5 | |
| Xmlsoft Libxslt | =1.1.6 | |
| Xmlsoft Libxslt | =1.1.7 | |
| Xmlsoft Libxslt | =1.1.8 | |
| Xmlsoft Libxslt | =1.1.9 | |
| Xmlsoft Libxslt | =1.1.10 | |
| Xmlsoft Libxslt | =1.1.11 | |
| Xmlsoft Libxslt | =1.1.12 | |
| Xmlsoft Libxslt | =1.1.13 | |
| Xmlsoft Libxslt | =1.1.14 | |
| Xmlsoft Libxslt | =1.1.15 | |
| Xmlsoft Libxslt | =1.1.16 | |
| Xmlsoft Libxslt | =1.1.17 | |
| Xmlsoft Libxslt | =1.1.18 | |
| Xmlsoft Libxslt | =1.1.19 | |
| Xmlsoft Libxslt | =1.1.20 | |
| Xmlsoft Libxslt | =1.1.21 | |
| Xmlsoft Libxslt | =1.1.22 | |
| Xmlsoft Libxslt | =1.1.23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/oss-sec/2013/q4/238
- http://seclists.org/oss-sec/2013/q4/239
- http://secunia.com/advisories/56072
- http://www.osvdb.org/99671
- https://bugzilla.novell.com/show_bug.cgi?id=849019
- https://gitorious.org/libxslt/libxslt/commit/7089a62b8f133b42a2981cf1f920a8b3fe9a8caa
- https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html
- https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/xmlsoft
- canonical/xmlsoft libxslt
- version/xmlsoft libxslt/1.1.24
- version/xmlsoft libxslt/0.0.1
- version/xmlsoft libxslt/0.1.0
- version/xmlsoft libxslt/0.2.0
- version/xmlsoft libxslt/0.3.0
- version/xmlsoft libxslt/0.4.0
- version/xmlsoft libxslt/0.5.0
- version/xmlsoft libxslt/0.6.0
- version/xmlsoft libxslt/0.7.0
- version/xmlsoft libxslt/0.8.0
- version/xmlsoft libxslt/0.9.0
- version/xmlsoft libxslt/0.10.0
- version/xmlsoft libxslt/0.11.0
- version/xmlsoft libxslt/0.12.0
- version/xmlsoft libxslt/0.13.0
- version/xmlsoft libxslt/0.14.0
- version/xmlsoft libxslt/1.0.0
- version/xmlsoft libxslt/1.0.1
- version/xmlsoft libxslt/1.0.2
- version/xmlsoft libxslt/1.0.3
- version/xmlsoft libxslt/1.0.4
- version/xmlsoft libxslt/1.0.5
- version/xmlsoft libxslt/1.0.6
- version/xmlsoft libxslt/1.0.7
- version/xmlsoft libxslt/1.0.8
- version/xmlsoft libxslt/1.0.9
- version/xmlsoft libxslt/1.0.10
- version/xmlsoft libxslt/1.0.11
- version/xmlsoft libxslt/1.0.12
- version/xmlsoft libxslt/1.0.13
- version/xmlsoft libxslt/1.0.14
- version/xmlsoft libxslt/1.0.15
- version/xmlsoft libxslt/1.0.16
- version/xmlsoft libxslt/1.0.17
- version/xmlsoft libxslt/1.0.18
- version/xmlsoft libxslt/1.0.19
- version/xmlsoft libxslt/1.0.20
- version/xmlsoft libxslt/1.0.21
- version/xmlsoft libxslt/1.0.22
- version/xmlsoft libxslt/1.0.23
- version/xmlsoft libxslt/1.0.24
- version/xmlsoft libxslt/1.0.25
- version/xmlsoft libxslt/1.0.26
- version/xmlsoft libxslt/1.0.27
- version/xmlsoft libxslt/1.0.28
- version/xmlsoft libxslt/1.0.29
- version/xmlsoft libxslt/1.0.30
- version/xmlsoft libxslt/1.0.31
- version/xmlsoft libxslt/1.0.32
- version/xmlsoft libxslt/1.0.33
- version/xmlsoft libxslt/1.1.0
- version/xmlsoft libxslt/1.1.1
- version/xmlsoft libxslt/1.1.2
- version/xmlsoft libxslt/1.1.3
- version/xmlsoft libxslt/1.1.4
- version/xmlsoft libxslt/1.1.5
- version/xmlsoft libxslt/1.1.6
- version/xmlsoft libxslt/1.1.7
- version/xmlsoft libxslt/1.1.8
- version/xmlsoft libxslt/1.1.9
- version/xmlsoft libxslt/1.1.10
- version/xmlsoft libxslt/1.1.11
- version/xmlsoft libxslt/1.1.12
- version/xmlsoft libxslt/1.1.13
- version/xmlsoft libxslt/1.1.14
- version/xmlsoft libxslt/1.1.15
- version/xmlsoft libxslt/1.1.16
- version/xmlsoft libxslt/1.1.17
- version/xmlsoft libxslt/1.1.18
- version/xmlsoft libxslt/1.1.19
- version/xmlsoft libxslt/1.1.20
- version/xmlsoft libxslt/1.1.21
- version/xmlsoft libxslt/1.1.22
- version/xmlsoft libxslt/1.1.23