Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2011-1425

Disclosure Date: April 04, 2011
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Additional Info

Technical Analysis