CVE-2011-1425

xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780	Patch
http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa	Patch
http://secunia.com/advisories/43920	Vendor Advisory
http://secunia.com/advisories/44167
http://secunia.com/advisories/44423
http://trac.webkit.org/changeset/79159
http://www.aleksey.com/pipermail/xmlsec/2011/009120.html	Patch
http://www.debian.org/security/2011/dsa-2219
http://www.mandriva.com/security/advisories?name=MDVSA-2011:063
http://www.redhat.com/support/errata/RHSA-2011-0486.html
http://www.securityfocus.com/bid/47135
http://www.securitytracker.com/id?1025284
http://www.vupen.com/english/advisories/2011/0855
http://www.vupen.com/english/advisories/2011/0858
http://www.vupen.com/english/advisories/2011/1010
http://www.vupen.com/english/advisories/2011/1172
https://bugs.webkit.org/show_bug.cgi?id=52688
https://bugzilla.redhat.com/show_bug.cgi?id=692133	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/66506
http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780	Patch
http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa	Patch
http://secunia.com/advisories/43920	Vendor Advisory
http://secunia.com/advisories/44167
http://secunia.com/advisories/44423
http://trac.webkit.org/changeset/79159
http://www.aleksey.com/pipermail/xmlsec/2011/009120.html	Patch
http://www.debian.org/security/2011/dsa-2219
http://www.mandriva.com/security/advisories?name=MDVSA-2011:063
http://www.redhat.com/support/errata/RHSA-2011-0486.html
http://www.securityfocus.com/bid/47135
http://www.securitytracker.com/id?1025284
http://www.vupen.com/english/advisories/2011/0855
http://www.vupen.com/english/advisories/2011/0858
http://www.vupen.com/english/advisories/2011/1010
http://www.vupen.com/english/advisories/2011/1172
https://bugs.webkit.org/show_bug.cgi?id=52688
https://bugzilla.redhat.com/show_bug.cgi?id=692133	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/66506

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:aleksey:xml_security_library::::::::
	cpe:2.3:a:aleksey:xml_security_library:0.0.1:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.2:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.2a:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.3:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.4:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.5:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.6:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.7:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.8:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.9:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.10:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.11:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.12:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.13:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.14:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.0.15:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.1.0:::::::*
	cpe:2.3:a:aleksey:xml_security_library:0.1.1:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.0.0:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1::::::
	cpe:2.3:a:aleksey:xml_security_library:1.0.1:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.0.2:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.0.3:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.0.4:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.1.0:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.1.1:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.1.2:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.0:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.1:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.2:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.3:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.4:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.5:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.6:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.7:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.8:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.9:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.10:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.11:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.13:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.14:::::::*
	cpe:2.3:a:aleksey:xml_security_library:1.2.15:::::::*
	cpe:2.3:a:apple:webkit::::::::

History

21 Nov 2024, 01:26

Information

Published : 2011-04-04 12:27

Updated : 2024-11-21 01:26

NVD link : CVE-2011-1425

Mitre link : CVE-2011-1425

CVE.ORG link : CVE-2011-1425

JSON object : View

Products Affected

apple

webkit

aleksey

xml_security_library

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2011-1425", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-04-04T12:27:57.437", "references": [{"url": "http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/43920", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/44167", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/44423", "source": "cve@mitre.org"}, {"url": "http://trac.webkit.org/changeset/79159", "source": "cve@mitre.org"}, {"url": "http://www.aleksey.com/pipermail/xmlsec/2011/009120.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2011/dsa-2219", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:063", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0486.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/47135", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1025284", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0855", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0858", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/1010", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/1172", "source": "cve@mitre.org"}, {"url": "https://bugs.webkit.org/show_bug.cgi?id=52688", "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=692133", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66506", "source": "cve@mitre.org"}, {"url": "http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/43920", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/44167", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/44423", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://trac.webkit.org/changeset/79159", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.aleksey.com/pipermail/xmlsec/2011/009120.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2011/dsa-2219", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:063", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0486.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/47135", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1025284", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/0855", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/0858", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/1010", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/1172", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugs.webkit.org/show_bug.cgi?id=52688", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=692133", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66506", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification."}, {"lang": "es", "value": "xslt.c en XML Security Library (tambi\u00e9n conocido como xmlsec)anterior a v1.2.17 como se usaba en WebKit y otros productos, cuando XSLT es habilitado, permite a atacantes remotos crear o sobreescribir archivos de su elecci\u00f3n a trav\u00e9s de vectores que involucran la extensi\u00f3n de salida libxslt y un elemento ds:Transform durante la verificaci\u00f3n de firma."}], "lastModified": "2024-11-21T01:26:16.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:aleksey:xml_security_library:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C511EF6-D408-40F6-B698-5C4179FA1D1B", "versionEndIncluding": "1.2.16"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48013BD3-56E4-4882-8DE6-66E17C5E2700"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4381CEA6-37E4-4AD0-9247-74EC552D3A93"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.2a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "104D29A5-117F-4BF2-BBC0-744EB7B14699"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7349086B-57F4-407B-B6D7-34906B74CC1E"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66221F0D-6BA6-4892-B820-3C1190935167"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7167841F-F3BB-4641-B004-CB73C73DC61F"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29567BC6-1D73-4B8D-B518-35BE505ECC56"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73030AD3-5DA1-4047-96C7-AEDC110844EE"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CC46659-2D47-4F7D-87DA-17120BB94F31"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C930806C-7025-4201-AAC1-1717A1547096"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF2E3C32-7F16-4E69-A73E-FE26C04CF9C0"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DACBE500-4813-42C6-8108-1E8A105EA7DD"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2B014F4-3CDE-41C2-A822-09751DAD1A0B"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27F82EE1-A737-41D9-95B6-66504747D107"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA2888ED-A494-4D69-8F60-8D8D63FB3FA0"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A34AE6EB-A099-40F6-8524-4B4F6995D5CC"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39911070-E4D2-419F-9861-8CBA02527FD8"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D76F2C1-9FBC-4FFE-AB60-526D74247E69"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78A505E1-5891-43B1-955D-663EFE3E489C"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB3566E-3F7F-490B-9DF4-BCFE22C6D29A"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95DCD31F-DA97-469E-9739-CA4D358107FF"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BC086D9-DCD7-4B11-B6EB-7FE6455B68F2"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC3CD349-D3A0-4FB7-B717-2AF2F3F8574F"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFD0250E-7971-4890-A0FC-A4EF6CAB17FB"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "766B027F-7938-4768-B714-160278981634"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1235A593-FADF-42BC-9FAA-15E7D1A30397"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55CCEF0C-83B0-4EA4-9771-1D5E93597439"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37908D6B-A4A4-4879-8153-4580B2FD937C"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1253AC74-B285-4784-A08C-C8E5EC0693FC"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9817DA5-858D-4543-A033-D294275F1686"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D550EAB0-1C45-4137-AFF0-245DD79DC617"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A459702-8FAD-4854-8425-C44F1A76FA30"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EC24DFE-04AE-43B8-A8AA-9429492B71CC"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9552F93-EDE1-49A8-9BD7-D3BBE5FD3261"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A79CF64-1F88-46B1-BE59-27A8474109C7"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0869B698-2FAC-4AF3-9897-937577121FDE"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0500195F-A2C6-4D0B-A5AC-98AF00AF427E"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AADDA51-66A9-42B5-AAFF-708A8EBE983A"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B34BB41-AB3E-468C-942E-A95A087DFA17"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA8E9710-E55C-4E00-B3E1-FD7A471F5B48"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACB51E6A-A99B-44A3-AF37-D685E61BC9C8"}, {"criteria": "cpe:2.3:a:aleksey:xml_security_library:1.2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "009BDE1D-C3B9-4EC7-8149-6074AA8EEB15"}, {"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

5.1 /10