New Search

The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier as used in Google Chrome before 10.0.648.127 and other products allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

oval:org.mitre.oval:def:14244

The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier as used in Google Chrome before 10.0.648.127 and other products allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
  • Microsoft Windows Vista
  • Microsoft Windows 2000
  • Microsoft Windows 7
Class:
vulnerability
Reference(s):
  • CVE-2011-1202
Product(s):
  • Google Chrome