Home

CVE-2017-15412

Description

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.546

Associated Vulnerability

VulnerabilityOS Platform
Update for Google Chrome (63.0.3239.84)Windows
Update for Google Chrome x64 (63.0.3239.84)Windows
Vulnerabilities CVE-2017-15412,CVE-2017-18258 are fixed in Ruby-nokogiri 1.8.2Windows
Multiple Vulnerabilities are affected in IBM Aspera Shares 1.10.1Windows
Multiple vulnerabilities are fixed in Update for Google Chrome For Mac (63.0.3239.84)Mac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 - Reboot AutomaticallyMac
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.4 Combo Update - Reboot AutomaticallyMac
GNOME XML library (USN-3424-1) libxml2_2.9.4+dfsg1-2.2ubuntu0.3_i386.debLinux
GNOME XML library (USN-3424-1) libxml2_2.9.4+dfsg1-2.2ubuntu0.3_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.3+dfsg1-1ubuntu0.5_i386.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.3+dfsg1-1ubuntu0.5_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.1+dfsg1-3ubuntu4.12_i386.debLinux
GNOME XML library (USN-3504-1) libxml2_2.9.1+dfsg1-3ubuntu4.12_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.5_i386.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.5_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.1+dfsg1-3ubuntu4.12_i386.debLinux
GNOME XML library (USN-3504-1) libxml2-utils_2.9.1+dfsg1-3ubuntu4.12_amd64.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.3+dfsg1-1ubuntu0.5_i386.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.3+dfsg1-1ubuntu0.5_amd64.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.1+dfsg1-3ubuntu4.12_i386.debLinux
GNOME XML library (USN-3504-1) python-libxml2_2.9.1+dfsg1-3ubuntu4.12_amd64.debLinux
GNOME XML library (USN-3504-1) python3-libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3504-1) python3-libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.3+dfsg1-1ubuntu0.6_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.3+dfsg1-1ubuntu0.6_i386.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.1+dfsg1-3ubuntu4.13_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.1+dfsg1-3ubuntu4.13_i386.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.4+dfsg1-2.2ubuntu0.3_i386.debLinux
GNOME XML library (USN-3513-1) libxml2_2.9.4+dfsg1-2.2ubuntu0.3_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.6_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.6_i386.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.1+dfsg1-3ubuntu4.13_amd64.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.1+dfsg1-3ubuntu4.13_i386.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.4+dfsg1-2.2ubuntu0.3_i386.debLinux
GNOME XML library (USN-3513-1) libxml2-utils_2.9.4+dfsg1-2.2ubuntu0.3_amd64.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.3+dfsg1-1ubuntu0.6_amd64.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.3+dfsg1-1ubuntu0.6_i386.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.1+dfsg1-3ubuntu4.13_amd64.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.1+dfsg1-3ubuntu4.13_i386.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.4+dfsg1-2.2ubuntu0.3_i386.debLinux
GNOME XML library (USN-3513-1) python-libxml2_2.9.4+dfsg1-2.2ubuntu0.3_amd64.debLinux
GNOME XML library (USN-3513-1) python3-libxml2_2.9.4+dfsg1-4ubuntu1.2_i386.debLinux
GNOME XML library (USN-3513-1) python3-libxml2_2.9.4+dfsg1-4ubuntu1.2_amd64.debLinux
GNOME XML library (USN-3513-1) python3-libxml2_2.9.4+dfsg1-2.2ubuntu0.3_i386.debLinux
GNOME XML library (USN-3513-1) python3-libxml2_2.9.4+dfsg1-2.2ubuntu0.3_amd64.debLinux
libxml2 security update(DSA-4086-1) libxml2_2.9.4+dfsg1-2.2+deb9u2_i386.debLinux
libxml2 security update(DSA-4086-1) libxml2_2.9.4+dfsg1-2.2+deb9u2_amd64.debLinux
SUSE-SU-2018:0395-1(SUSE Linux Enterprise Server 11-SP4 ) libxml2-2.7.6-0.77.10.1.x86_64.rpmLinux
SUSE-SU-2018:0395-1(SUSE Linux Enterprise Server 11-SP4 ) libxml2-32bit-2.7.6-0.77.10.1.x86_64.rpmLinux
SUSE-SU-2018:0395-1(SUSE Linux Enterprise Server 11-SP4 ) libxml2-doc-2.7.6-0.77.10.1.x86_64.rpmLinux
SUSE-SU-2018:0395-1(SUSE Linux Enterprise Server 11-SP4 ) libxml2-python-2.7.6-0.77.10.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-2-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-2-32bit-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-2-debuginfo-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-2-debuginfo-32bit-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-debugsource-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Server 12-SP2 ) libxml2-doc-2.9.4-46.12.1.noarch.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-tools-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) libxml2-tools-debuginfo-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) python-libxml2-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) python-libxml2-debuginfo-2.9.4-46.12.1.x86_64.rpmLinux
SUSE-SU-2018:0401-1(SUSE Linux Enterprise Desktop 12-SP2 ) python-libxml2-debugsource-2.9.4-46.12.1.x86_64.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-2.9.1-6.el7.4.i686.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-2.9.1-6.el7.4.x86_64.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-devel-2.9.1-6.el7.4.i686.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-devel-2.9.1-6.el7.4.x86_64.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-python-2.9.1-6.el7.4.x86_64.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-static-2.9.1-6.el7.4.i686.rpmLinux
(RHSA-2020:1190) libxml2 security update libxml2-static-2.9.1-6.el7.4.x86_64.rpmLinux
Update for Google Chrome (63.0.3239.84) (For Ubuntu)Linux
Update for Google Chrome (63.0.3239.84) (For Debian)Linux
Update for Google Chrome (63.0.3239.84) (For Centos)Linux
Update for Google Chrome (63.0.3239.84) (For RedHat)Linux
Update for Google Chrome (63.0.3239.84) (For Suse)Linux
(CESA-2020:1190) libxml2 security update libxml2-2.9.1-6.el7.4.x86_64.rpmLinux
Vulnerabilities CVE-2017-15412,CVE-2017-18258 are fixed in Ruby-nokogiri for Linux 1.8.2Linux
Use After Free Vulnerability (CVE-2017-15412)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-306788Update for Google Chrome (63.0.3239.84)
PATCH-306789Update for Google Chrome x64 (63.0.3239.84)
PATCH-609673Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601563macOS High Sierra 10.13.6 Combo Update - Reboot Automatically

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234