CVE-2011-1202

The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-03-11 02:01

Updated : 2023-12-10 11:03


NVD link : CVE-2011-1202

Mitre link : CVE-2011-1202

CVE.ORG link : CVE-2011-1202


JSON object : View

Products Affected

xmlsoft

  • libxslt

google

  • chrome
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor