Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-1202

The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://code.google.com...
CONFIRM: http://googlechromerel...
BID: 46785
VUPEN: ADV-2011-0628
MISC: http://scarybeastsecur...
CONFIRM: http://git.gnome.org/b...
CONFIRM: https://bugzilla.redha...
MANDRIVA: MDVSA-2011:079
MANDRIVA: MDVSA-2012:164
CONFIRM: http://downloads.avaya...
XF: google-xslt-info-discl...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2011-1202

Related bugs

References