CVE-2011-1425
Published Apr 4, 2011
Last updated 7 years ago
Overview
- Description
- xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.1
- Impact score
- 6.4
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C511EF6-D408-40F6-B698-5C4179FA1D1B",
"versionEndIncluding": "1.2.16"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48013BD3-56E4-4882-8DE6-66E17C5E2700"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4381CEA6-37E4-4AD0-9247-74EC552D3A93"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.2a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "104D29A5-117F-4BF2-BBC0-744EB7B14699"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7349086B-57F4-407B-B6D7-34906B74CC1E"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66221F0D-6BA6-4892-B820-3C1190935167"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7167841F-F3BB-4641-B004-CB73C73DC61F"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29567BC6-1D73-4B8D-B518-35BE505ECC56"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73030AD3-5DA1-4047-96C7-AEDC110844EE"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CC46659-2D47-4F7D-87DA-17120BB94F31"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C930806C-7025-4201-AAC1-1717A1547096"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF2E3C32-7F16-4E69-A73E-FE26C04CF9C0"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DACBE500-4813-42C6-8108-1E8A105EA7DD"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2B014F4-3CDE-41C2-A822-09751DAD1A0B"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27F82EE1-A737-41D9-95B6-66504747D107"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA2888ED-A494-4D69-8F60-8D8D63FB3FA0"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A34AE6EB-A099-40F6-8524-4B4F6995D5CC"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39911070-E4D2-419F-9861-8CBA02527FD8"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D76F2C1-9FBC-4FFE-AB60-526D74247E69"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78A505E1-5891-43B1-955D-663EFE3E489C"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCB3566E-3F7F-490B-9DF4-BCFE22C6D29A"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95DCD31F-DA97-469E-9739-CA4D358107FF"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BC086D9-DCD7-4B11-B6EB-7FE6455B68F2"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC3CD349-D3A0-4FB7-B717-2AF2F3F8574F"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFD0250E-7971-4890-A0FC-A4EF6CAB17FB"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "766B027F-7938-4768-B714-160278981634"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1235A593-FADF-42BC-9FAA-15E7D1A30397"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55CCEF0C-83B0-4EA4-9771-1D5E93597439"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37908D6B-A4A4-4879-8153-4580B2FD937C"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1253AC74-B285-4784-A08C-C8E5EC0693FC"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9817DA5-858D-4543-A033-D294275F1686"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D550EAB0-1C45-4137-AFF0-245DD79DC617"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A459702-8FAD-4854-8425-C44F1A76FA30"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EC24DFE-04AE-43B8-A8AA-9429492B71CC"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9552F93-EDE1-49A8-9BD7-D3BBE5FD3261"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A79CF64-1F88-46B1-BE59-27A8474109C7"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0869B698-2FAC-4AF3-9897-937577121FDE"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0500195F-A2C6-4D0B-A5AC-98AF00AF427E"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AADDA51-66A9-42B5-AAFF-708A8EBE983A"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B34BB41-AB3E-468C-942E-A95A087DFA17"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA8E9710-E55C-4E00-B3E1-FD7A471F5B48"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACB51E6A-A99B-44A3-AF37-D685E61BC9C8"
},
{
"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "009BDE1D-C3B9-4EC7-8149-6074AA8EEB15"
},
{
"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9"
}
],
"operator": "OR"
}
]
}
]