Ubuntu Security Notice 1595-1 - Chris Evans discovered that libxslt incorrectly handled generate-id XPath functions. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could obtain potentially sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. It was discovered that libxslt incorrectly parsed certain patterns. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. Various other issues were also addressed.
5dada35384ea916fefdd03285e96612d7c197f764028a0915522b0f15010b138
Red Hat Security Advisory 2012-1265-01 - libxslt is a library for transforming XML files into other textual formats using the standard XSLT stylesheet transformation mechanism. A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
9920cb411b2c3aa2362ffe225a52581712a70d0901996f2acabf529dcdc400d4
Gentoo Linux Security Advisory 201203-8 - A vulnerability in libxslt could result in Denial of Service. Versions less than 1.1.26-r3 are affected.
eda3411ae557f830dff680802ba73a02b1f235290b5fcebb036ebf955ac7435f
Mandriva Linux Security Advisory 2012-028 - libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.
5e5cd4e181fa0d96d3d9737dbbd2cf7f5ebad0e6ac5483cae947e2da1fd8580f
iDefense Security Advisory 02.08.11 - Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host.
f6124a1b8cbfad6d5655d8dd9b8857fd339410ce72f7e673b15b3fbb4d62778c