Rapid7 Vulnerability & Exploit Database

Gentoo Linux: CVE-2011-1425: Multiple packages, Multiple vulnerabilities fixed in 2011

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Gentoo Linux: CVE-2011-1425: Multiple packages, Multiple vulnerabilities fixed in 2011

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Published

04/04/2011

Created

07/25/2018

Added

10/30/2017

Modified

10/30/2017

Description

xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

Solution(s)

gentoo-linux-upgrade-app-admin-syslog-ng
gentoo-linux-upgrade-app-misc-ca-certificates
gentoo-linux-upgrade-app-office-gnucash
gentoo-linux-upgrade-dev-db-unixodbc
gentoo-linux-upgrade-dev-libs-xmlsec
gentoo-linux-upgrade-dev-php-pear-mail
gentoo-linux-upgrade-dev-php-pear-pear
gentoo-linux-upgrade-dev-util-oprofile
gentoo-linux-upgrade-dev-util-qt-creator
gentoo-linux-upgrade-dev-vcs-gitolite
gentoo-linux-upgrade-games-sports-racer-bin
gentoo-linux-upgrade-gnome-base-gdm
gentoo-linux-upgrade-media-libs-fmod
gentoo-linux-upgrade-media-libs-xine-lib
gentoo-linux-upgrade-media-sound-lastfmplayer
gentoo-linux-upgrade-net-analyzer-sflowtool
gentoo-linux-upgrade-net-libs-libsoup
gentoo-linux-upgrade-net-libs-webkit-gtk
gentoo-linux-upgrade-net-misc-mrouted
gentoo-linux-upgrade-net-misc-rsync
gentoo-linux-upgrade-net-misc-vino
gentoo-linux-upgrade-sys-apps-shadow
gentoo-linux-upgrade-sys-cluster-resource-agents
gentoo-linux-upgrade-sys-fs-lvm2
gentoo-linux-upgrade-x11-apps-xrdb

References

https://attackerkb.com/topics/cve-2011-1425
47135
CVE - 2011-1425
DSA-2219
201412-09
RHSA-2011:0486
66506

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Gentoo Linux: CVE-2011-1425: Multiple packages, Multiple vulnerabilities fixed in 2011

Gentoo Linux: CVE-2011-1425: Multiple packages, Multiple vulnerabilities fixed in 2011

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.