{
  "threat_severity" : "Low",
  "public_date" : "2010-11-17T00:00:00Z",
  "bugzilla" : {
    "description" : "libxml2: double-free in XPath processing code",
    "id" : "665963",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=665963"
  },
  "cvss" : {
    "cvss_base_score" : "4.3",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling." ],
  "statement" : "This issue did not affect the versions of libxml and libxml2 as shipped with\nRed Hat Enterprise Linux 3, and it did not affect the version of libxml2 as\nshipped with Red Hat Enterprise Linux 4 and 5.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-12-05T00:00:00Z",
    "advisory" : "RHSA-2011:1749",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "libxml2-0:2.7.6-4.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-01-31T00:00:00Z",
    "advisory" : "RHSA-2013:0217",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "mingw32-libxml2-0:2.7.6-6.el6_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "libxml2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "libxml2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2010-4494\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-4494" ],
  "name" : "CVE-2010-4494",
  "csaw" : false
}