Changes for page Engine_libxslt

Last modified by Nicolas Gregoire on 2012/07/23 16:53
From version Icon 37.1 Icon
edited by Nicolas Gregoire
on 2012/07/23 16:37
Change comment: There is no comment for this version
To version Icon 38.1 Icon
edited by Nicolas Gregoire
on 2012/07/23 16:39
Change comment: There is no comment for this version

Summary

Details

Icon Page properties
Content
... ... @@ -21,6 +21,14 @@
21 21  
22 22  = Known parser bugs =
23 23  
24 +|=CVE|=Title|=Ticket|=Credits
25 +|CVE-2012-2825|Wild read in XSL handling|https://code.google.com/p/chromium/issues/detail?id=127417|Nicolas Gregoire
26 +|http:~/~/www.w3.org/1999/XSL/Transform|document|href|[[libxslt-xsl-document.xsl>>attach:libxslt-xsl-document.xsl]]\\
27 +|http:~/~/www.jclark.com/xt|document|href|[[libxslt-xt-document.xsl>>attach:libxslt-xt-document.xsl]]\\
28 +|http:~/~/exslt.org/common|document|href|[[libxslt-exslt-document.xsl>>attach:libxslt-exslt-document.xsl]]\\
29 +|org.apache.xalan.xslt.extensions.Redirect|write|href|[[libxslt-xalan-write.xsl>>attach:libxslt-xalan-write.xsl]]\\
30 +|http:~/~/icl.com/saxon|output|href|[[libxslt-saxon-output.xsl>>attach:libxslt-saxon-output.xsl]]\\
31 +
24 24  * Wild read CVE-2012-2825
25 25  * Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.
26 26  * [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
... ... @@ -36,6 +36,13 @@
36 36  [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
37 37  [89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
38 38  
47 +|=Namespace|=Extension element|=Parameter|=PoC
48 +|http:~/~/www.w3.org/1999/XSL/Transform|document|href|[[libxslt-xsl-document.xsl>>attach:libxslt-xsl-document.xsl]]\\
49 +|http:~/~/www.jclark.com/xt|document|href|[[libxslt-xt-document.xsl>>attach:libxslt-xt-document.xsl]]\\
50 +|http:~/~/exslt.org/common|document|href|[[libxslt-exslt-document.xsl>>attach:libxslt-exslt-document.xsl]]\\
51 +|org.apache.xalan.xslt.extensions.Redirect|write|href|[[libxslt-xalan-write.xsl>>attach:libxslt-xalan-write.xsl]]\\
52 +|http:~/~/icl.com/saxon|output|href|[[libxslt-saxon-output.xsl>>attach:libxslt-saxon-output.xsl]]\\
53 +
39 39  = Special features =
40 40  
41 41  * File creation