VDB
DEBIAN-CVE-2010-4008
DEBIAN-CVE-2010-4008
PUBLISHED
CVSS 8.699999809265137 HIGH
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | libxml2 | 0, 0, 0 |
| Debian:11 | libxml2 | 0, 0, 0 |
| Debian:12 | libxml2 | 0, 0, 0 |
| Debian:13 | libxml2 | 0, 0, 0 |
Timeline
- Nov 17, 2010 CVE Published
- Apr 28, 2026 CVE Updated