What is CVE-2011-1944?

CVE-2011-1944 is a vulnerability in Xmlsoft Libxml, classified under CWE-189. Published 2011-09-02.

Is CVE-2011-1944 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Xmlsoft Libxml

CVE-2011-1944

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted X…

EPSS: 0.137 (96.0th percentile) — read the EPSS interpretation.

Affected products

Xmlsoft Libxml — versions 1.5.0, 1.6.0, 1.6.1
Xmlsoft Libxml2 — versions 2.6.0, 2.6.1, 2.6.2
N/a — versions n/a

Weakness classification (CWE)

CWE-189

Public proof-of-concept exploits

akaganeite/CVE4PP

References

secalert@redhat.com (Exploit, vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_MANDRIVA)
secalert@redhat.com (x_refsource_HP, vendor-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
secalert@redhat.com (vendor-advisory, x_refsource_APPLE)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)

Frequently asked questions

What is CVE-2011-1944?: CVE-2011-1944 is a vulnerability in Xmlsoft Libxml, classified under CWE-189. Published 2011-09-02.
Is CVE-2011-1944 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.