The MITRE CVE dictionary describes this issue as:
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
Find out more about CVE-2011-1202 from the
MITRE CVE dictionary dictionary and
This issue affects the versions of libxslt package as shipped with Red Hat
Enterprise Linux 4, 5 and 6. The Red Hat Security Response Team has rated this
issue as having low security impact, a future update may address this flaw.