Descriptionlibxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
Overall state of this security issue: Postponed
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2012:1215-1, published Wed, 19 Sep 2012 11:08:47 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA chromedriver