CVE-2011-3970

Published Feb 9, 2012

Last updated a year ago

Overview

Description: libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Source: chrome-cve-admin@google.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-125

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3785615-314D-46D8-8894-3554935C569A",
            "versionEndExcluding": "17.0.963.46"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9251F19D-BEA4-4ED4-9A4B-EA89E795C6D0",
            "versionEndIncluding": "1.1.26"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00720D8C-3FF3-4B1C-B74B-91F01A544399"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F084E6C1-8DB0-4D1F-B8EB-5D2CD9AD6E87"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References