Уязвимость CVE-2016-5131: Информация

Описание

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

Важность: HIGH (8,8) Вектор: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Исправленные пакеты

Ссылки на рекомендации, решения и инструменты

1. Подверженные конфигурации:

   1. Конфигурация 1

      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

      End excliding

      52.0.2743.82

      ---

      Конфигурация 2

      cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*

      End including

      2.9.4

      ---

      Конфигурация 3

      cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

      End excliding

      3.0

      ---

      cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

      End excliding

      10.0

      ---

      cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

      End excliding

      10.0

      ---

      cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

      End excliding

      10.12

      ---

      Конфигурация 4

      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

      ---

      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

      ---

      Конфигурация 5

      cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

      ---

      Конфигурация 6

      cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

      ---

      Конфигурация 7

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      ---