Vulnerability CVE-2013-0339

Vulnerability CVE-2013-0339

Published: 2014-01-21

Description:

	Topic	Author	Date
High	libxml2 and expat internal and external XML entity expansion	Kurt Seifried	22.02.2013
High	Apple iTunes 11.2.2 Insecure Libraries	Stefan Kanthak	08.07.2014
High	iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries	Stefan Kanthak	09.07.2014

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Affected software
Xmlsoft -> Libxml2
SUSE -> Linux enterprise server
Debian -> Debian linux
Canonical -> Ubuntu linux

https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f

https://bugzilla.redhat.com/show_bug.cgi?id=915149

http://www.ubuntu.com/usn/USN-1904-2

http://www.ubuntu.com/usn/USN-1904-1

http://www.openwall.com/lists/oss-security/2013/04/12/6

http://www.debian.org/security/2013/dsa-2652

http://seclists.org/oss-sec/2013/q4/188

http://seclists.org/oss-sec/2013/q4/184

http://seclists.org/oss-sec/2013/q4/182

http://openwall.com/lists/oss-security/2013/02/22/3

http://openwall.com/lists/oss-security/2013/02/21/24

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html