Oval Definition:oval:org.mitre.oval:def:23103
Revision Date:2014-05-26Version:13
Title:ELSA-2011:0486: xmlsec1 security and bug fix update (Moderate)
Description:xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2011-1425
ELSA-2011:0486-01
Platform(s):Oracle Linux 5
Product(s):xmlsec1
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • xmlsec1-nss-devel is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-openssl is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-nss is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-gnutls is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1 is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-gnutls-devel is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-openssl-devel is earlier than 0:1.2.9-8.1.2
  • OR xmlsec1-devel is earlier than 0:1.2.9-8.1.2
    • BACK