suse · CVE-2011-1944

Quick triage

Priority: critical Published: 2021-05-30 12:57:36 UTC Updated: 2026-04-18 20:01:36 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2011-1944 severity critical: SUSE including 76 source package names (libxml2-2-2.11.6-2.1, libxml2-2-2.11.6-slfo.1.1_1.2, …), 102 product×package rows across 32 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (32 product lines)): Fixed 102.

Description:

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

cvelogic Threat Intelligence