Lucene search
Gentoo FoundationMGASA-2014-0152HistoryApr 03, 2014 - 4:50 a.m.
Updated xalan-j2 packages fix CVE-2014-0107
2014-04-0304:50:42
Gentoo Foundation
advisories.mageia.org
13
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.1%
Updated xalan-j2 packages fix security vulnerability: Nicolas Gregoire discovered several vulnerabilities in libxalan2-java. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution (CVE-2014-0107).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | xalan-j2 | < 2.7.1-5.1 | xalan-j2-2.7.1-5.1.mga3 |
| Mageia | 4 | noarch | xalan-j2 | < 2.7.1-6.1 | xalan-j2-2.7.1-6.1.mga4 |
Related
fedora
fedora
[SECURITY] Fedora 20 Update: xalan-j2-2.7.1-22.fc20
2014-04-05 04:56:01
[SECURITY] Fedora 19 Update: xalan-j2-2.7.1-22.fc19
2014-04-05 04:53:40
ibm
ibm
nessus
nessus
SuSE 11.3 Security Update : xalan-j2 (SAT Patch Number 9426)
2014-07-05 00:00:00
RHEL 5 / 6 : xalan-j2 (RHSA-2014:0348)
2014-04-02 00:00:00
Oracle Linux 5 / 6 : xalan-j2 (ELSA-2014-0348)
2014-04-02 00:00:00
veracode
veracode
Apache Xalan Remote Code Execution
2019-01-15 08:52:31
redhat
redhat
securityvulns
securityvulns
[oCERT-2014-002] Xalan-Java insufficient secure processing
2014-03-27 00:00:00
[USN-2218-1] Xalan-Java vulnerability
2014-06-14 00:00:00
libxalan security vulnerabilities
2014-03-27 00:00:00
debian
debian
[SECURITY] [DSA 2886-1] libxalan2-java security update
2014-03-26 20:21:08
ubuntucve
ubuntucve
CVE-2014-0107
2014-04-15 00:00:00
openvas
openvas
Fedora Update for xalan-j2 FEDORA-2014-4426
2014-04-08 00:00:00
Fedora Update for xalan-j2 FEDORA-2014-4443
2014-04-08 00:00:00
Debian: Security Advisory (DSA-2886-1)
2014-03-25 00:00:00
f5
f5
SOL15595 - Apache Xalan-Java vulnerability CVE-2014-0107
2014-09-15 00:00:00
K15595 : Apache Xalan-Java vulnerability CVE-2014-0107
2014-09-15 00:00:00
suse
suse
Security update for xalan-j2 (important)
2014-07-04 21:04:15
osv
osv
Improper Authorization in Apache Xalan-Java
2022-05-13 01:05:38
seebug
seebug
Apache Xalan-Java FEATURE_SECURE_PROCESSIN属性处理安全绕过漏洞
2014-03-27 00:00:00
Apache Xalan-Java Library安全绕过漏洞
2014-04-03 00:00:00
debiancve
debiancve
CVE-2014-0107
2014-04-15 23:13:00
amazon
amazon
Important: xalan-j2
2014-04-17 23:50:00
oraclelinux
oraclelinux
xalan-j2 security update
2014-04-01 00:00:00
prion
prion
Design/Logic Flaw
2014-04-15 23:13:00
github
github
Improper Authorization in Apache Xalan-Java
2022-05-13 01:05:38
gentoo
gentoo
Xalan-Java: Arbitrary code execution
2016-04-02 00:00:00
cve
cve
CVE-2014-0107
2014-04-15 23:13:00
centos
centos
xalan security update
2014-04-02 12:17:13
ubuntu
ubuntu
Xalan-Java vulnerability
2014-05-21 00:00:00
attackerkb
attackerkb
CVE-2022-47966
2023-01-20 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2016
2016-01-19 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
77.1%
Related for MGASA-2014-0152