CVE-2011-1425

XML Security Library <1.2.17 - File Creation/Overwrite

Title source: llm

Description

xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

Exploits (1)

exploitdb WORKING POC
ruby, remote, windows
https://www.exploit-db.com/exploits/17993

Scores

EPSS 0.0931
EPSS Percentile 92.6%

Classification

CWE
CWE-264
Status draft

Affected Products (44)

aleksey/xml_security_library < 1.2.16
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
aleksey/xml_security_library
... and 29 more

Timeline

Published Apr 04, 2011
Tracked Since Feb 18, 2026