CVE-2011-1202

NameCVE-2011-1202
DescriptionThe xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)
Debian Bugs617413

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
iceweasel (PTS)wheezy, wheezy (security)38.8.0esr-1~deb7u1fixed
libxslt (PTS)wheezy1.1.26-14.1fixed
wheezy (security)1.1.26-14.1+deb7u3fixed
jessie1.1.28-2+deb8u3fixed
jessie (security)1.1.28-2+deb8u2fixed
stretch1.1.29-2.1fixed
buster, sid1.1.29-5fixed
xulrunner (PTS)wheezy, wheezy (security)24.8.1esr-2~deb7u1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceapesource(unstable)2.0.14-1medium
iceapesourcelenny(not affected)
iceweaselsource(unstable)3.5.19-1medium
iceweaselsourcelenny(not affected)
libxsltsource(unstable)1.1.26-7low617413
libxsltsourcesqueeze1.1.26-6+squeeze1medium
xulrunnersource(unstable)(unfixed)unimportant

Notes

[lenny] - xulrunner <no-dsa> (minor issue)
[squeeze] - iceweasel <no-dsa> (minor issue)
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
[squeeze] - iceape <no-dsa> (minor issue)
[lenny] - iceape <not-affected> (Only a stub package)
http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
[lenny] - libxslt <no-dsa> (minor issue)
xulrunner in wheezy is not covered by security support

Search for package or bug name: Reporting problems