Memory corruption vulnerability in multiple products via a crafted XML documentID: oval:org.mitre.oval:def:12148 | Date: (C)2010-11-27 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier or Apple iTunes before 10.2 and is prone to memory corruption vulnerability. The flaw is present in the ibxml2 before 2.7.8, which reads from invalid memory locations during processing of malformed XPath expressions. Successful exploitation allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows Vista |
Microsoft Windows 10 |
Microsoft Windows Server 2016 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Product: |
Apple Safari |
Apple iTunes |
Google Chrome |