CVE-2012-2893

Description

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

How to fix CVE-2012-2893

To remediate CVE-2012-2893, upgrade the affected package to a fixed version below.

• Debian/libxslt—upgrade to 1.1.26-14 or later

Is CVE-2012-2893 being exploited?

Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.1.26-14

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2012-2893