Lucene search
GoogleOSV:DSA-3321-1HistoryJul 30, 2015 - 12:00 a.m.
xmltooling - security update
2015-07-3000:00:00
Google
osv.dev
8
0.009 Low
EPSS
Percentile
82.9%
The InCommon Shibboleth Training team discovered that XMLTooling, a
C++ XML parsing library, did not properly handle an exception when
parsing well-formed but schema-invalid XML. This could allow remote
attackers to cause a denial of service (crash) via crafted XML data.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.4.2-5+deb7u1.
For the stable distribution (jessie), this problem has been fixed in
version 1.5.3-2+deb8u1.
For the unstable distribution (sid), this problem will be fixed shortly.
We recommend that you upgrade your xmltooling packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xmltooling | eq | 1.5.3-2 |
References
Related
openvas
openvas
Debian Security Advisory DSA 3321-1 (xmltooling - security update)
2015-07-30 00:00:00
Debian: Security Advisory (DSA-3321-2)
2015-07-29 00:00:00
Debian: Security Advisory (DLA-290-2)
2023-03-08 00:00:00
prion
prion
Design/Logic Flaw
2015-08-12 14:59:00
debian
debian
[SECURITY] [DSA 3321-2] opensaml2 security update
2015-08-08 10:18:00
[SECURITY] [DLA 290-1] xmltooling security update
2015-08-09 20:44:09
[SECURITY] [DLA 290-2] opensaml2 security update
2015-08-10 21:01:14
ubuntucve
ubuntucve
CVE-2015-0851
2015-08-12 00:00:00
cvelist
cvelist
CVE-2015-0851
2015-08-12 14:00:00
cve
cve
CVE-2015-0851
2015-08-12 14:59:01
nessus
nessus
Debian DSA-3321-1 : xmltooling - security update
2015-07-31 00:00:00
Debian DLA-290-2 : opensaml2 security update
2015-08-10 00:00:00
NetIQ Sentinel < 7.4.1 Multiple Vulnerabilities
2016-04-26 00:00:00
mageia
mageia
Updated xmltooling packages fix CVE-2015-0851
2015-09-08 20:55:59
nvd
nvd
CVE-2015-0851
2015-08-12 14:59:01
debiancve
debiancve
CVE-2015-0851
2015-08-12 14:59:01
securityvulns
securityvulns
DoS против библиотеки XMLTooling
2015-08-02 00:00:00
[SECURITY] [DSA 3321-1] xmltooling security update
2015-08-02 00:00:00