VYPR
Unrated severityNVD Advisory· Published Nov 17, 2010· Updated Jun 16, 2026

CVE-2010-4008

CVE-2010-4008

Description

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

27
  • cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
    Range: >=2.0.0,<=2.4.3
  • cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
    Range: <10.2
  • Apple Inc./Safari2 versions
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <5.0.4
    • (no CPE)range: <=5.0.2
  • Google/Chrome2 versions
    cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <7.0.517.44
    • (no CPE)range: <7.0.517.44
  • Xmlsoft/Libxml22 versions
    cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*range: <2.7.8
    • (no CPE)range: <2.7.8
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <4.2
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    Range: <10.6.7
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 4 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux_enterprise_server:11:-:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

32

News mentions

0

No linked articles in our index yet.