Vulnerability CVE-2011-0216 - CERT Civis.Net

Vulnerability Name:

CVE-2011-0216 (CCN-68687)

Assigned:

2010-12-23

Published:

2011-07-20

Updated:

2013-02-07

Summary:

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-189
CWE-122

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-0216

Source: APPLE
Type: Patch, Vendor Advisory
APPLE-SA-2011-07-20-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2011-10-12-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2011-10-12-2

Source: CCN
Type: RHSA-2011-1749
Low: libxml2 security and bug fix update

Source: CCN
Type: RHSA-2012-0016
Important: libxml2 security update

Source: CCN
Type: RHSA-2012-0017
Important: libxml2 security update

Source: CCN
Type: RHSA-2013-0217
Important: mingw32-libxml2 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:0217

Source: CCN
Type: SA45325
Apple Safari Multiple Vulnerabilities

Source: CCN
Type: Apple KB HT4808
About the security content of Safari 5.1 and Safari 5.0.6

Source: CONFIRM
Type: Vendor Advisory
http://support.apple.com/kb/HT4808

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4999

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT5001

Source: DEBIAN
Type: UNKNOWN
DSA-2394

Source: DEBIAN
Type: DSA-2394
libxml2 -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:188

Source: CCN
Type: OSVDB ID: 73994
Apple Safari libxml XML Data Handling Off-by-one Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1749

Source: CCN
Type: BID-48832
Apple Safari 'libxml' (CVE-2011-0216) Remote Code Execution Vulnerability

Source: XF
Type: UNKNOWN
apple-safari-libxml-xml-bo(68687)

Vulnerable Configuration:

Configuration 1:

cpe:/a:apple:safari:1.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0:beta:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0:beta2:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.0b1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.0b2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.3:85.8:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.1.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3.2:312.5:*:*:*:*:*:*

OR cpe:/a:apple:safari:1.3.2:312.6:*:*:*:*:*:*

OR cpe:/a:apple:safari:2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.3:417.8:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.3:417.9:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*

OR cpe:/a:apple:safari:2.0.4:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.0b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.1b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.2b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.3b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.4:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.4b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.0b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.1.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.1.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.0.4:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version <= 5.0.5)

AND

cpe:/o:microsoft:windows_7:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 11:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 12:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 13:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 14:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apple:safari:5.0.6:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:5.1:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:27942	P	ELSA-2011-1749 -- libxml2 security and bug fix update (low)	2014-12-15
oval:org.mitre.oval:def:27147	P	RHSA-2011:1749 -- libxml2 security and bug fix update (Low)	2014-12-08
oval:org.mitre.oval:def:15446	P	USN-1334-1 -- libxml2 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:15165	P	DSA-2394-1 libxml2 -- several	2014-06-23
oval:org.mitre.oval:def:23214	P	ELSA-2012:0017: libxml2 security update (Important)	2014-05-26
oval:org.mitre.oval:def:23888	P	ELSA-2013:0217: mingw32-libxml2 security update (Important)	2014-05-26
oval:org.mitre.oval:def:21164	P	RHSA-2012:0017: libxml2 security update (Important)	2014-02-24
oval:org.mitre.oval:def:20771	P	RHSA-2013:0217: mingw32-libxml2 security update (Important)	2014-02-17
oval:com.redhat.rhsa:def:20130217	P	RHSA-2013:0217: mingw32-libxml2 security update (Important)	2013-01-31
oval:com.redhat.rhsa:def:20120016	P	RHSA-2012:0016: libxml2 security update (Important)	2012-01-11
oval:com.redhat.rhsa:def:20120017	P	RHSA-2012:0017: libxml2 security update (Important)	2012-01-11
oval:com.redhat.rhsa:def:20111749	P	RHSA-2011:1749: libxml2 security and bug fix update (Low)	2011-12-06