Podatność CVE-2013-0339

Podatność CVE-2013-0339

Publikacja: 2014-01-21

Opis:

	Tytuł	Autor	Data
High	libxml2 and expat internal and external XML entity expansion	Kurt Seifried	22.02.2013
High	Apple iTunes 11.2.2 Insecure Libraries	Stefan Kanthak	08.07.2014
High	iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries	Stefan Kanthak	09.07.2014

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
6.8/10	6.4/10	8.6/10

Affected software
Xmlsoft -> Libxml2
SUSE -> Linux enterprise server
Debian -> Debian linux
Canonical -> Ubuntu linux

https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f

https://bugzilla.redhat.com/show_bug.cgi?id=915149

http://www.ubuntu.com/usn/USN-1904-2

http://www.ubuntu.com/usn/USN-1904-1

http://www.openwall.com/lists/oss-security/2013/04/12/6

http://www.debian.org/security/2013/dsa-2652

http://seclists.org/oss-sec/2013/q4/188

http://seclists.org/oss-sec/2013/q4/184

http://seclists.org/oss-sec/2013/q4/182

http://openwall.com/lists/oss-security/2013/02/22/3

http://openwall.com/lists/oss-security/2013/02/21/24

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html