Home

CVE-2015-7995

Description

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a type confusion issue.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.037

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in OS X El Capitan 10.11.3 UpdateMac
XSLT processing library (USN-3271-1) libxslt1.1_1.1.26-8ubuntu1.4_i386.debLinux
XSLT processing library (USN-3271-1) libxslt1.1_1.1.26-8ubuntu1.4_amd64.debLinux
XSLT processing library (USN-3271-1) libxslt1.1_1.1.29-1ubuntu0.1_i386.debLinux
XSLT processing library (USN-3271-1) libxslt1.1_1.1.29-1ubuntu0.1_amd64.debLinux
XSLT processing library (USN-3271-1) libxslt1.1_1.1.29-2ubuntu0.1_i386.debLinux
XSLT processing library (USN-3271-1) libxslt1.1_1.1.29-2ubuntu0.1_amd64.debLinux
SUSE-SU-2017:1282-1(SUSE Linux Enterprise Server 11-SP4 ) libxslt-1.1.24-19.33.1.x86_64.rpmLinux
SUSE-SU-2017:1282-1(SUSE Linux Enterprise Server 11-SP4 ) libxslt-32bit-1.1.24-19.33.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt-debugsource-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt-tools-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt-tools-debuginfo-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt1-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt1-32bit-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt1-debuginfo-1.1.28-16.1.x86_64.rpmLinux
SUSE-SU-2017:1313-1(SUSE Linux Enterprise Desktop 12-SP1 ) libxslt1-debuginfo-32bit-1.1.28-16.1.x86_64.rpmLinux
CVE-2015-7995NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-600753OS X El Capitan 10.11.6 Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234