Denial of Service Vulnerability in Libxslt Affects Multiple Vendor Products
CVE-2013-4520

Currently unrated

Key Information:

Vendor: Xmlsoft
Status: Libxslt
Vendor: CVE Published:; 14 December 2013

What is CVE-2013-4520?

The vulnerability in libxslt allows context-dependent attackers to trigger a denial of service by leveraging a specially crafted stylesheet that includes a Document Type Definition (DTD). This flaw occurs when a certain structure is misinterpreted, leading to a process crash. The issue is a result of an incomplete remedy to a previous vulnerability (CVE-2012-2825), and it underscores the importance of maintaining updated software versions to mitigate such security risks.

References

http://seclists.org/oss-sec/2013/q4/239

mailing-listx_refsource_MLIST

https://gitorious.org/libxslt/libxslt/commit/7089a62b8f13...

x_refsource_MISC

https://www.suse.com/support/update/announcement/2013/sus...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Jun 12, 2013

Xmlsoft

What is CVE-2013-4520?

References

Timeline