{ "threat_severity" : "Low", "public_date" : "2011-12-13T00:00:00Z", "bugzilla" : { "description" : "libxml2 out of bounds read", "id" : "767387", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=767387" }, "cvss" : { "cvss_base_score" : "4.3", "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status" : "verified" }, "cwe" : "CWE-125", "details" : [ "libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors." ], "statement" : "This issue affects the version of libxml2 as shipped with Red Hat Enterprise\nLinux 4, 5 and 6 and has been addressed via RHSA-2012:0016, RHSA-2012:0017 and\nRHSA-2012:0018 respectively. This issue affects the version of mingw32-libxml2\nas shipped with Red Hat Enterprise Linux 6. The Red Hat Security Response Team\nhas rated this issue as having low security impact. A future update may address\nthis issue in Red Hat Enterprise Linux 6.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 4", "release_date" : "2012-01-11T00:00:00Z", "advisory" : "RHSA-2012:0016", "cpe" : "cpe:/o:redhat:enterprise_linux:4", "package" : "libxml2-0:2.6.16-12.9" }, { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2012-01-11T00:00:00Z", "advisory" : "RHSA-2012:0017", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "libxml2-0:2.6.26-2.1.12.el5_7.2" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2012-01-11T00:00:00Z", "advisory" : "RHSA-2012:0018", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libxml2-0:2.7.6-4.el6_2.1" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2013-01-31T00:00:00Z", "advisory" : "RHSA-2013:0217", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "mingw32-libxml2-0:2.7.6-6.el6_3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-3905\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3905" ], "name" : "CVE-2011-3905", "csaw" : false }