CVE-2010-4494

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Published: Dec 7, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4494
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-415

Affected Software
References

Software	From	Fixed in
google / chrome	-	8.0.552.215
xmlsoft / libxml2	-	2.7.8.x
apple / mac_os_x	-	10.6.7
apple / itunes	-	10.2
apple / safari	-	5.0.4
apple / iphone_os	-	4.3.0
opensuse / opensuse	11.2	11.2.x
opensuse / opensuse	11.3	11.3.x
suse / suse_linux_enterprise_server	11-sp1	11-sp1.x
fedoraproject / fedora	14	14.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
redhat / enterprise_linux_eus	6.3	6.3.x
debian / debian_linux	5.0	5.0.x
debian / debian_linux	6.0	6.0.x
hp / insight_control_server_deployment	-	-
hp / rapid_deployment_pack	-	-
apache / openoffice	3.0.0	3.3.0
apache / openoffice	2.1.0	2.4.3.x

Vulnerability Database

289,599

CVE-2010-4494