Description
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way libxml2 parsed certain XPath expressions. If an attacker
were able to supply a specially-crafted XML file to an application using
libxml2, as well as an XPath expression for that application to run against
the crafted file, it could cause the application to crash or, possibly,
execute arbitrary code. (CVE-2011-1944)
Multiple flaws were found in the way libxml2 parsed certain XPath
expressions. If an attacker were able to supply a specially-crafted XML
file to an application using libxml2, as well as an XPath expression for
that application to run against the crafted file, it could cause the
application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821,
CVE-2011-2834)