CVE-2017-0663
Description
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.042
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Aspera Shares 1.10.1 | Windows |
| GNOME XML library (USN-3235-1) libxml2_2.9.1+dfsg1-3ubuntu4.10_i386.deb | Linux |
| GNOME XML library (USN-3235-1) libxml2_2.9.1+dfsg1-3ubuntu4.10_amd64.deb | Linux |
| GNOME XML library (USN-3235-1) libxml2_2.9.3+dfsg1-1ubuntu0.3_i386.deb | Linux |
| GNOME XML library (USN-3235-1) libxml2_2.9.3+dfsg1-1ubuntu0.3_amd64.deb | Linux |
| GNOME XML library (USN-3424-1) libxml2_2.9.1+dfsg1-3ubuntu4.10_i386.deb | Linux |
| GNOME XML library (USN-3424-1) libxml2_2.9.1+dfsg1-3ubuntu4.10_amd64.deb | Linux |
| GNOME XML library (USN-3424-1) libxml2_2.9.3+dfsg1-1ubuntu0.3_i386.deb | Linux |
| GNOME XML library (USN-3424-1) libxml2_2.9.3+dfsg1-1ubuntu0.3_amd64.deb | Linux |
| libxml2 security update(DSA-3952-1) libxml2_2.9.1+dfsg1-5+deb8u5_i386.deb | Linux |
| libxml2 security update(DSA-3952-1) libxml2_2.9.4+dfsg1-2.2+deb9u1_i386.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234