NVD

Id
40116  
Name
CVE-2013-4520  
Description
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2013-12-14  
Modified Date
2013-12-16  
Seq
2013-4520  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
204166 40116 CVE-2013-4520 [oss-security] 20131105 CVE Request: additional fix for CVE-2012-2825 libxslt crash  View
204167 40116 CVE-2013-4520 [oss-security] 20131105 Re: CVE Request: additional fix for CVE-2012-2825 libxslt crash  View
204168 40116 CVE-2013-4520 https://bugzilla.novell.com/show_bug.cgi?id=849019  View
204169 40116 CVE-2013-4520 https://gitorious.org/libxslt/libxslt/commit/7089a62b8f133b42a2981cf1f920a8b3fe9a8caa  View
204170 40116 CVE-2013-4520 SUSE-SU-2013:1654  View
204171 40116 CVE-2013-4520 SUSE-SU-2013:1656  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23977 JVNDB-2013-005552 libxslt の xslt.c におけるサービス運用妨害 (DoS) の脆弱性 libxslt の xslt.c には、サービス運用妨害 (クラッシュ) 状態にされる脆弱性が存在します。 CVE-2013-4520 64462 CVE-2013-4520 40116 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005552.html 2013-11-21 2013-12-17 View