cvelist/2010/4xxx/CVE-2010-4008.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2010-4008",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "[xml] 20101104 Release of libxml2-2.7.8",
            "refsource" : "MLIST",
            "url" : "http://mail.gnome.org/archives/xml/2010-November/msg00015.html"
         },
         {
            "name" : "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/",
            "refsource" : "MISC",
            "url" : "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/"
         },
         {
            "name" : "http://code.google.com/p/chromium/issues/detail?id=58731",
            "refsource" : "CONFIRM",
            "url" : "http://code.google.com/p/chromium/issues/detail?id=58731"
         },
         {
            "name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
            "refsource" : "CONFIRM",
            "url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
         },
         {
            "name" : "http://support.apple.com/kb/HT4456",
            "refsource" : "CONFIRM",
            "url" : "http://support.apple.com/kb/HT4456"
         },
         {
            "name" : "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html",
            "refsource" : "CONFIRM",
            "url" : "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"
         },
         {
            "name" : "http://support.apple.com/kb/HT4554",
            "refsource" : "CONFIRM",
            "url" : "http://support.apple.com/kb/HT4554"
         },
         {
            "name" : "http://support.apple.com/kb/HT4566",
            "refsource" : "CONFIRM",
            "url" : "http://support.apple.com/kb/HT4566"
         },
         {
            "name" : "http://support.apple.com/kb/HT4581",
            "refsource" : "CONFIRM",
            "url" : "http://support.apple.com/kb/HT4581"
         },
         {
            "name" : "APPLE-SA-2010-11-22-1",
            "refsource" : "APPLE",
            "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
         },
         {
            "name" : "APPLE-SA-2011-03-02-1",
            "refsource" : "APPLE",
            "url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
         },
         {
            "name" : "APPLE-SA-2011-03-09-2",
            "refsource" : "APPLE",
            "url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
         },
         {
            "name" : "APPLE-SA-2011-03-21-1",
            "refsource" : "APPLE",
            "url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
         },
         {
            "name" : "DSA-2128",
            "refsource" : "DEBIAN",
            "url" : "http://www.debian.org/security/2010/dsa-2128"
         },
         {
            "name" : "HPSBMA02662",
            "refsource" : "HP",
            "url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
         },
         {
            "name" : "SSRT100409",
            "refsource" : "HP",
            "url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"
         },
         {
            "name" : "HPSBGN02970",
            "refsource" : "HP",
            "url" : "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
         },
         {
            "name" : "MDVSA-2010:243",
            "refsource" : "MANDRIVA",
            "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:243"
         },
         {
            "name" : "RHSA-2011:1749",
            "refsource" : "REDHAT",
            "url" : "http://www.redhat.com/support/errata/RHSA-2011-1749.html"
         },
         {
            "name" : "RHSA-2013:0217",
            "refsource" : "REDHAT",
            "url" : "http://rhn.redhat.com/errata/RHSA-2013-0217.html"
         },
         {
            "name" : "SUSE-SR:2010:023",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
         },
         {
            "name" : "USN-1016-1",
            "refsource" : "UBUNTU",
            "url" : "http://www.ubuntu.com/usn/USN-1016-1"
         },
         {
            "name" : "44779",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/44779"
         },
         {
            "name" : "oval:org.mitre.oval:def:12148",
            "refsource" : "OVAL",
            "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148"
         },
         {
            "name" : "42109",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/42109"
         },
         {
            "name" : "42175",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/42175"
         },
         {
            "name" : "42314",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/42314"
         },
         {
            "name" : "42429",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/42429"
         },
         {
            "name" : "40775",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/40775"
         },
         {
            "name" : "ADV-2010-3046",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2010/3046"
         },
         {
            "name" : "ADV-2010-3076",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2010/3076"
         },
         {
            "name" : "ADV-2010-3100",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2010/3100"
         },
         {
            "name" : "ADV-2011-0230",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2011/0230"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2010-4008",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[xml] 20101104 Release of libxml2-2.7.8",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://mail.gnome.org/archives/xml/2010-November/msg00015.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://code.google.com/p/chromium/issues/detail?id=58731",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://code.google.com/p/chromium/issues/detail?id=58731"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://support.apple.com/kb/HT4456",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://support.apple.com/kb/HT4456"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://support.apple.com/kb/HT4554",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://support.apple.com/kb/HT4554"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://support.apple.com/kb/HT4566",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://support.apple.com/kb/HT4566"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://support.apple.com/kb/HT4581",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://support.apple.com/kb/HT4581"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "APPLE-SA-2010-11-22-1",`
			`"refsource" : "APPLE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "APPLE-SA-2011-03-02-1",`
			`"refsource" : "APPLE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "APPLE-SA-2011-03-09-2",`
			`"refsource" : "APPLE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "APPLE-SA-2011-03-21-1",`
			`"refsource" : "APPLE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "DSA-2128",`
			`"refsource" : "DEBIAN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.debian.org/security/2010/dsa-2128"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "HPSBMA02662",`
			`"refsource" : "HP",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SSRT100409",`
			`"refsource" : "HP",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://marc.info/?l=bugtraq&m=130331363227777&w=2"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "HPSBGN02970",`
			`"refsource" : "HP",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://marc.info/?l=bugtraq&m=139447903326211&w=2"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "MDVSA-2010:243",`
			`"refsource" : "MANDRIVA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:243"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2011:1749",`
			`"refsource" : "REDHAT",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.redhat.com/support/errata/RHSA-2011-1749.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2013:0217",`
			`"refsource" : "REDHAT",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://rhn.redhat.com/errata/RHSA-2013-0217.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SR:2010:023",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "USN-1016-1",`
			`"refsource" : "UBUNTU",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.ubuntu.com/usn/USN-1016-1"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "44779",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/44779"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "oval:org.mitre.oval:def:12148",`
			`"refsource" : "OVAL",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "42109",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/42109"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "42175",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/42175"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "42314",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/42314"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "42429",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/42429"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "40775",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/40775"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2010-3046",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2010/3046"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2010-3076",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2010/3076"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2010-3100",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2010/3100"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2011-0230",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2011/0230"`
			`}`
			`]`
			`}`
			`}`