Filtered by vendor Xmlsoft
Subscriptions
Filtered by product Libxslt
Subscriptions
Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-2935 | 1 Xmlsoft | 1 Libxslt | 2018-10-11 | N/A |
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input." | ||||
CVE-2013-4520 | 1 Xmlsoft | 1 Libxslt | 2013-12-16 | N/A |
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825. |