Vulnerability CVE-2010-4008 - CERT Civis.Net

Vulnerability Name:

CVE-2010-4008 (CCN-63221)

Assigned:

2010-11-04

Published:

2010-11-04

Updated:

2020-06-04

Summary:

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-119
CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: Bkis Security Blog
Libxml2 vulnerability in Google Chrome and Apple Safari

Source: MISC
Type: Broken Link
http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/

Source: CONFIRM
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=58731

Source: MITRE
Type: CNA
CVE-2010-4008

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2010-11-22-1

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-03-09-2

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-03-02-1

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-03-21-1

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SR:2010:023

Source: CCN
Type: Daniel Veillard
[xml] Release of libxml2-2.7.8

Source: MLIST
Type: Mailing List, Release Notes, Vendor Advisory
[xml] 20101104 Release of libxml2-2.7.8

Source: HP
Type: Third Party Advisory
SSRT100409

Source: HP
Type: Third Party Advisory
HPSBGN02970

Source: CCN
Type: RHSA-2011-1749
Low: libxml2 security and bug fix update

Source: CCN
Type: RHSA-2012-0017
Important: libxml2 security update

Source: CCN
Type: RHSA-2013-0217
Important: mingw32-libxml2 security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2013:0217

Source: SECUNIA
Type: Third Party Advisory
40775

Source: CCN
Type: SA42109
Google Chrome Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory, Vendor Advisory
42109

Source: CCN
Type: SA42175
libxml XPath Denial of Service Vulnerability

Source: SECUNIA
Type: Third Party Advisory, Vendor Advisory
42175

Source: CCN
Type: SA42314
Apple iOS Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
42314

Source: SECUNIA
Type: Third Party Advisory
42429

Source: CCN
Type: SA44202
IBM Lotus Symphony OpenOffice.org Multiple Vulnerabilities

Source: CCN
Type: Apple Web site
About the security content of iOS 4.2

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT4456

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT4554

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT4566

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT4581

Source: DEBIAN
Type: Third Party Advisory
DSA-2128

Source: DEBIAN
Type: DSA-2128
libxml2 -- invalid memory access

Source: MANDRIVA
Type: Third Party Advisory
MDVSA-2010:243

Source: CONFIRM
Type: Third Party Advisory
http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html

Source: CCN
Type: OSVDB ID: 69205
libxml2 Crafted XML File XPath Axis Traversal DoS

Source: REDHAT
Type: Third Party Advisory
RHSA-2011:1749

Source: BID
Type: Third Party Advisory, VDB Entry
44779

Source: CCN
Type: BID-44779
libxml2 'XPATH' Memory Corruption Vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-1016-1

Source: VUPEN
Type: Permissions Required
ADV-2010-3046

Source: VUPEN
Type: Permissions Required
ADV-2010-3076

Source: VUPEN
Type: Permissions Required
ADV-2010-3100

Source: VUPEN
Type: Permissions Required
ADV-2011-0230

Source: CCN
Type: libxml Web site
The XML C parser and toolkit of Gnome

Source: XF
Type: UNKNOWN
libxml-xpath-dos(63221)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:12148

Source: CCN
Type: IBM Support & Downloads Web site
IBM Lotus Symphony 3.0 Component Fix Pack 2 Release Notes

Source: SUSE
Type: SUSE-SR:2010:023
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 7.0.517.44)

Configuration 2:

cpe:/a:apple:itunes:*:*:*:*:*:*:*:* (Version < 10.2)

OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version < 5.0.4)

OR cpe:/o:apple:iphone_os:*:*:*:*:*:*:*:* (Version < 4.2)

OR cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version < 10.6.7)

Configuration 3:

cpe:/a:xmlsoft:libxml2:*:*:*:*:*:*:*:* (Version < 2.7.8)

Configuration 4:

cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux_enterprise_server:11:-:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*

Configuration 8:

cpe:/a:apache:openoffice:*:*:*:*:*:*:*:* (Version >= 2.0.0 and <= 2.4.3)

OR cpe:/a:apache:openoffice:*:*:*:*:*:*:*:* (Version >= 3.0.0 and < 3.3.0)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.0:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*

OR cpe:/o:apple:ios:4.0:*:*:*:*:*:*:*

OR cpe:/o:apple:ios:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.498.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.499.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.499.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.500.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.500.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.503.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.503.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.504.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.505.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.506.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.507.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.507.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.507.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.507.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.509.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.510.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.511.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.511.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.511.4:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.512.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.513.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.514.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.514.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.515.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.516.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.10:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.11:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.12:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.13:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.14:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.16:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.17:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.18:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.19:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.20:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.21:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.22:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.23:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.24:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.25:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.26:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.27:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.28:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.29:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.30:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.31:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.32:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.34:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.35:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.36:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.37:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.38:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.39:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.4:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.40:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.517.41:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1.2:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:ios:4.0.1:-:ipodtouch:*:*:*:*:*

OR cpe:/o:apple:ios:4.0:-:ipodtouch:*:*:*:*:*

OR cpe:/a:apple:itunes:10.0:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*

AND

cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

OR cpe:/h:apple:ipad:*:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:7.0.497.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/a:ibm:lotus_symphony:3.0.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20104008	V	CVE-2010-4008	2022-09-02
oval:org.opensuse.security:def:32216	P	Security update for MozillaFirefox (Important)	2021-11-17
oval:org.opensuse.security:def:29444	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:29408	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:32082	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32008	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:32819	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:27986	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32775	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28622	P	Security update for xorg-x11-libxcb	2020-12-01
oval:org.opensuse.security:def:32309	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:27998	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:33457	P	Security update for ipsec-tools	2020-12-01
oval:org.opensuse.security:def:28710	P	Security update for icedtea-web	2020-12-01
oval:org.opensuse.security:def:32453	P	Security update for xfsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:28192	P	Security update for libcap-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:28770	P	Security update for libssh2_org	2020-12-01
oval:org.opensuse.security:def:32665	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28333	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32753	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28569	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:27987	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:28671	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:32366	P	Security update for supportutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:28062	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:33496	P	Security update for libxml2	2020-12-01
oval:org.opensuse.security:def:28726	P	Security update for krb5	2020-12-01
oval:org.opensuse.security:def:32609	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28276	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:31997	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32714	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28417	P	Security update for tiff (Moderate)	2020-12-01
oval:org.mitre.oval:def:27942	P	ELSA-2011-1749 -- libxml2 security and bug fix update (low)	2014-12-15
oval:org.mitre.oval:def:27147	P	RHSA-2011:1749 -- libxml2 security and bug fix update (Low)	2014-12-08
oval:org.mitre.oval:def:13253	P	USN-1016-1 -- libxml2 vulnerability	2014-06-30
oval:org.mitre.oval:def:12709	P	DSA-2128-1 libxml2 -- invalid memory access	2014-06-23
oval:org.mitre.oval:def:23214	P	ELSA-2012:0017: libxml2 security update (Important)	2014-05-26
oval:org.mitre.oval:def:23888	P	ELSA-2013:0217: mingw32-libxml2 security update (Important)	2014-05-26
oval:org.mitre.oval:def:21164	P	RHSA-2012:0017: libxml2 security update (Important)	2014-02-24
oval:org.mitre.oval:def:20771	P	RHSA-2013:0217: mingw32-libxml2 security update (Important)	2014-02-17
oval:org.mitre.oval:def:12148	V	Vulnerability in libxml2 in Google Chrome before 7.0.517.44	2013-08-12
oval:com.redhat.rhsa:def:20130217	P	RHSA-2013:0217: mingw32-libxml2 security update (Important)	2013-01-31
oval:com.redhat.rhsa:def:20120017	P	RHSA-2012:0017: libxml2 security update (Important)	2012-01-11
oval:com.redhat.rhsa:def:20111749	P	RHSA-2011:1749: libxml2 security and bug fix update (Low)	2011-12-06
oval:org.debian:def:2128	V	invalid memory access	2010-12-01