Search for vulnerabilities
Vulnerability details: VCID-rqpp-ad86-aaad
Vulnerability ID VCID-rqpp-ad86-aaad
Aliases CVE-2013-1969
Summary Use After Free Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-399 Resource Management Errors
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-216 DEPRECATED: Containment Errors (Container Errors)
CWE-416 Use After Free
System Score Found at
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.00954 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01288 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01625 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01625 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01625 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.01625 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
epss 0.03311 https://api.first.org/data/v1/epss?cve=CVE-2013-1969
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=953722
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2013-1969
Reference id Reference type URL
http://lists.opensuse.org/opensuse-updates/2013-04/msg00109.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00081.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1969.json
https://api.first.org/data/v1/epss?cve=CVE-2013-1969
https://bugzilla.gnome.org/show_bug.cgi?id=690202
http://secunia.com/advisories/53061
https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
http://www.openwall.com/lists/oss-security/2013/04/17/4
http://www.openwall.com/lists/oss-security/2013/04/19/1
http://www.ubuntu.com/usn/USN-1817-1
953722 https://bugzilla.redhat.com/show_bug.cgi?id=953722
cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
CVE-2013-1969 https://nvd.nist.gov/vuln/detail/CVE-2013-1969
GLSA-201311-06 https://security.gentoo.org/glsa/201311-06
GLSA-201412-11 https://security.gentoo.org/glsa/201412-11
USN-1817-1 https://usn.ubuntu.com/1817-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-1969
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.74349
EPSS Score 0.00954
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.