11 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4570
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted...
Mageia: Security Advisory (MGASA-2017-0103)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1641-1 : mxml security update
Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files. CVE-2016-4570 The mxmlDelete function in mxml-node.c allows remote attackers to cause a denial of service stack consumption via crafted xml file. CVE-2016-4571 The mxmlwritenode function in...
[SECURITY] [DLA 1641-1] mxml security update
Package : mxml Version : 2.6-2+deb8u1 CVE ID : CVE-2016-4570 CVE-2016-4571 CVE-2018-20004 Debian Bug : 825855 918007 Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files. CVE-2016-4570 The mxmlDelete function in mxml-node.c allows remote attackers to...
Debian: Security Advisory (DLA-1641-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2017:3060-1 Security update for mxml
This update for mxml fixes the following issues: Security issues fixed: - CVE-2016-4570, CVE-2016-4571: stack exhaustion parsing xml files using mxml bsc979205, bsc979206...
Updated mxml packages fix security vulnerability
Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...
openSUSE Security Update : mxml (openSUSE-2017-380)
This update for mxml fixes the following issues : - CVE-2016-4570: Specially crafted XML files could have caused stack exhaustation bsc979205 - CVE-2016-4571: Specially crafted XML files could have caused stack exhaustation bsc979206 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4570
CVE-2016-4570 affects the mxml library (mxml 2.9, 2.7, and earlier) via the mxmlDelete function in mxml-node.c, allowing denial of service (stack exhaustion) when processing crafted XML files. Connected advisories confirm this vulnerability and show patched packages in multiple distros: Debian (D...
Fedora Update for mxml FEDORA-2016-44821f9576
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...