CVE-2012-2871
EPSS 0.78%Published: 8/31/2012Modified: 4/28/2026
Description
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
Affected packages (1)
- Debian/libxsltfrom 0, < 1.1.26-14