Bug 9873

Summary: CVE-2013-1969: libxml2 - Multiple Use-After-Free Vulnerabilities
Product: Mageia Reporter: Oden Eriksson <oe>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: luigiwalser
Version: 3   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1969
Whiteboard:
Source RPM: libxml2 CVE:
Status comment:

Description Oden Eriksson 2013-04-26 08:22:47 CEST 
Name: CVE-2013-1969
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1969
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20130219
Category: 
Reference: MLIST:[oss-security] 20130417 CVE request : libxml2 Multiple Use-After-Free Vulnerabilities
Reference: URL:http://www.openwall.com/lists/oss-security/2013/04/17/4
Reference: MLIST:[oss-security] 20130418 Re: CVE request : libxml2 Multiple Use-After-Free Vulnerabilities
Reference: URL:http://www.openwall.com/lists/oss-security/2013/04/19/1
Reference: CONFIRM:https://bugzilla.gnome.org/show_bug.cgi?id=690202
Reference: CONFIRM:https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
Reference: SECUNIA:53061
Reference: URL:http://secunia.com/advisories/53061

Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly
other versions might allow context-dependent attackers to cause a
denial of service (crash) and possibly execute arbitrary code via
vectors related to the (1) htmlParseChunk and (2) xmldecl_done
functions, as demonstrated by a buffer overflow in the
xmlBufGetInputBase function.


Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2013-04-26 16:04:30 CEST 
This was already fixed in libxml2-2.9.0-5.mga3 in Cauldron.

This also does not affect the libxml2 version in Mageia 2.

Status: NEW => RESOLVED
CC: (none) => luigiwalser
Resolution: (none) => INVALID