CVE-2017-5130 - OpenCVE

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Xmlsoft	Libxml2
Debian	Debian Linux
Google	Chrome

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 3 [-]

cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*

References

Link	Resource
http://bugzilla.gnome.org/show_bug.cgi?id=783026	Issue Tracking
http://www.securityfocus.com/bid/101482	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:2997	Third Party Advisory
https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html	Vendor Advisory
https://crbug.com/722079	Third Party Advisory
https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
https://security.gentoo.org/glsa/201710-24	Third Party Advisory
https://security.netapp.com/advisory/ntap-20190719-0001/
https://www.oracle.com/security-alerts/cpuapr2020.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2018-02-07T23:00:00

Updated: 2022-04-08T22:06:18

Reserved: 2017-01-02T00:00:00

Link: CVE-2017-5130

JSON object: View

NVD Information

Status : Modified

Published: 2018-02-07T23:29:01.420

Modified: 2022-04-08T23:15:08.497

Link: CVE-2017-5130

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "Google Chrome prior to 62.0.3202.62", "vendor": "n/a", "versions": [{"status": "affected", "version": "Google Chrome prior to 62.0.3202.62"}]}], "datePublic": "2017-10-17T00:00:00", "descriptions": [{"lang": "en", "value": "An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file."}], "problemTypes": [{"descriptions": [{"description": "Integer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-08T22:06:18", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "101482", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101482"}, {"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1188-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html"}, {"tags": ["x_refsource_MISC"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026"}, {"tags": ["x_refsource_MISC"], "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"}, {"tags": ["x_refsource_MISC"], "url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed"}, {"name": "RHSA-2017:2997", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2997"}, {"tags": ["x_refsource_MISC"], "url": "https://crbug.com/722079"}, {"name": "GLSA-201710-24", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201710-24"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190719-0001/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2017-5130", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Google Chrome prior to 62.0.3202.62", "version": {"version_data": [{"version_value": "Google Chrome prior to 62.0.3202.62"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Integer overflow"}]}]}, "references": {"reference_data": [{"name": "101482", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101482"}, {"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1188-1] libxml2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html"}, {"name": "http://bugzilla.gnome.org/show_bug.cgi?id=783026", "refsource": "MISC", "url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026"}, {"name": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"}, {"name": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed", "refsource": "MISC", "url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed"}, {"name": "RHSA-2017:2997", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2997"}, {"name": "https://crbug.com/722079", "refsource": "MISC", "url": "https://crbug.com/722079"}, {"name": "GLSA-201710-24", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-24"}, {"name": "https://security.netapp.com/advisory/ntap-20190719-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190719-0001/"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2017-5130", "datePublished": "2018-02-07T23:00:00", "dateReserved": "2017-01-02T00:00:00", "dateUpdated": "2022-04-08T22:06:18", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A8B890B-083C-4977-8C31-AAC2F13E96A1", "versionEndExcluding": "62.0.3202.62", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4B3A4BD-14E7-4D4D-81C9-6A355F49C978", "versionEndExcluding": "2.9.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file."}, {"lang": "es", "value": "Un desbordamiento de enteros en xmlmemory.c en versiones anteriores a la 2.9.5 de libxml2, tal y como se emplea en Google Chrome, en versiones anteriores a la 62.0.3202.62 y en otros productos, permite que un atacante remoto explote la corrupci\u00f3n de la memoria din\u00e1mica (heap) mediante un archivo XML manipulado."}], "id": "CVE-2017-5130", "lastModified": "2022-04-08T23:15:08.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-07T23:29:01.420", "references": [{"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking"], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101482"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2997"}, {"source": "chrome-cve-admin@google.com", "tags": ["Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://crbug.com/722079"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201710-24"}, {"source": "chrome-cve-admin@google.com", "url": "https://security.netapp.com/advisory/ntap-20190719-0001/"}, {"source": "chrome-cve-admin@google.com", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}