CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

Affected Software

Name	Vendor	Start Version	End Version
Iphone_os	Apple	*	6.1.4 (including)
Iphone_os	Apple	1.0.0 (including)	1.0.0 (including)
Iphone_os	Apple	1.0.1 (including)	1.0.1 (including)
Iphone_os	Apple	1.0.2 (including)	1.0.2 (including)
Iphone_os	Apple	1.1.0 (including)	1.1.0 (including)
Iphone_os	Apple	1.1.1 (including)	1.1.1 (including)
Iphone_os	Apple	1.1.2 (including)	1.1.2 (including)
Iphone_os	Apple	1.1.3 (including)	1.1.3 (including)
Iphone_os	Apple	1.1.4 (including)	1.1.4 (including)
Iphone_os	Apple	1.1.5 (including)	1.1.5 (including)
Iphone_os	Apple	2.0 (including)	2.0 (including)
Iphone_os	Apple	2.0.0 (including)	2.0.0 (including)
Iphone_os	Apple	2.0.1 (including)	2.0.1 (including)
Iphone_os	Apple	2.0.2 (including)	2.0.2 (including)
Iphone_os	Apple	2.1 (including)	2.1 (including)
Iphone_os	Apple	2.1.1 (including)	2.1.1 (including)
Iphone_os	Apple	2.2 (including)	2.2 (including)
Iphone_os	Apple	2.2.1 (including)	2.2.1 (including)
Iphone_os	Apple	3.0 (including)	3.0 (including)
Iphone_os	Apple	3.0.1 (including)	3.0.1 (including)
Iphone_os	Apple	3.1 (including)	3.1 (including)
Iphone_os	Apple	3.1.2 (including)	3.1.2 (including)
Iphone_os	Apple	3.1.3 (including)	3.1.3 (including)
Iphone_os	Apple	3.2 (including)	3.2 (including)
Iphone_os	Apple	3.2.1 (including)	3.2.1 (including)
Iphone_os	Apple	3.2.2 (including)	3.2.2 (including)
Iphone_os	Apple	4.0 (including)	4.0 (including)
Iphone_os	Apple	4.0.1 (including)	4.0.1 (including)
Iphone_os	Apple	4.0.2 (including)	4.0.2 (including)
Iphone_os	Apple	4.1 (including)	4.1 (including)
Iphone_os	Apple	4.2.1 (including)	4.2.1 (including)
Iphone_os	Apple	4.2.5 (including)	4.2.5 (including)
Iphone_os	Apple	4.2.8 (including)	4.2.8 (including)
Iphone_os	Apple	4.3.0 (including)	4.3.0 (including)
Iphone_os	Apple	4.3.1 (including)	4.3.1 (including)
Iphone_os	Apple	4.3.2 (including)	4.3.2 (including)
Iphone_os	Apple	4.3.3 (including)	4.3.3 (including)
Iphone_os	Apple	4.3.5 (including)	4.3.5 (including)
Iphone_os	Apple	5.0 (including)	5.0 (including)
Iphone_os	Apple	5.0.1 (including)	5.0.1 (including)
Iphone_os	Apple	5.1 (including)	5.1 (including)
Iphone_os	Apple	5.1.1 (including)	5.1.1 (including)
Iphone_os	Apple	6.0 (including)	6.0 (including)
Iphone_os	Apple	6.0.1 (including)	6.0.1 (including)
Iphone_os	Apple	6.0.2 (including)	6.0.2 (including)
Iphone_os	Apple	6.1 (including)	6.1 (including)
Iphone_os	Apple	6.1.2 (including)	6.1.2 (including)
Iphone_os	Apple	6.1.3 (including)	6.1.3 (including)
Red Hat Enterprise Linux 5	RedHat	libxslt-0:1.1.17-4.el5_8.3	*
Red Hat Enterprise Linux 6	RedHat	libxslt-0:1.1.26-2.el6_3.1	*
Chromium-browser	Ubuntu	lucid	*
Chromium-browser	Ubuntu	natty	*
Chromium-browser	Ubuntu	oneiric	*
Chromium-browser	Ubuntu	precise	*
Chromium-browser	Ubuntu	quantal	*
Chromium-browser	Ubuntu	upstream	*
Libxslt	Ubuntu	hardy	*
Libxslt	Ubuntu	lucid	*
Libxslt	Ubuntu	natty	*
Libxslt	Ubuntu	oneiric	*
Libxslt	Ubuntu	precise	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2871
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References