143 matches found
RHEL 6 : flash-plugin (RHSA-2018:2175)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2175 advisory. - flash-plugin: Arbitrary Code Execution vulnerability APSB18-24 CVE-2018-5007 - flash-plugin: Information Disclosure vulnerability APSB18-2...
Security Bulletin: Vulnerability in Apache PDFBox affects FileNet Content Manager and IBM Content Foundation (CVE-2016-2175)
Summary Security vulnerabilitiy exists in Apache PDFBox that affects IBM FileNet Content Manager and IBM Content Foundation. Vulnerability Details CVEID: CVE-2016-2175 DESCRIPTION: Apache PDFBox could allow a remote authenticated attacker to obtain sensitive information, caused by a XML external...
Security Bulletin: Apache PDFBox affects IBM Emptoris Contract Management (CVE-2016-2175)
Summary Apache PDFBox affects IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2016-2175 DESCRIPTION: Apache PDFBox could allow a remote authenticated attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML parser. ...
D3DGear 5.00 Build 2175 Buffer Overflow
!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: D3DGear 5.00 Build 2175 - Buffer Overflow Date: 07-11-2017 Vulnerable Software: D3DGear 5.00 Build 2175 Vendor Homepage: http://www.d3dgear.com/ Version: 5.00 Build 2175 Software Link: http://www.d3dgear.com/products.htm Tested O...
D3DGear 5.00 Build 2175 - Buffer Overflow (PoC)
D3DGear 5.00 Build 2175 - Buffer Overflow PoC !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: D3DGear 5.00 Build 2175 - Buffer Overflow Date: 07-11-2017 Vulnerable Software: D3DGear 5.00 Build 2175 Vendor Homepage: http://www.d3dgear.com/ Version: 5.00 Build 2175 Software Link...
Xxe
Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE attacks via vectors involving 1 spreadsheets in OOXML files and 2 XMP metadata in PDF and other file formats, a related issue to...
CVE-2017-2175
CVE-2017-2175 affects Empirical Project Monitor - eXtended. A DLL search-path vulnerability allows loading a Trojan horse DLL from an attacker-controlled directory, enabling privilege escalation/arbitrary code execution with the invoking user’s privileges during installation. No exploitation deta...
Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization security and bug fix update
An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Fedora Update for pdfbox FEDORA-2016-3f30a5faeb
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : pdfbox (2016-3f30a5faeb)
Security fix for CVE-2016-2175 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Updated pdfbox packages fix security vulnerability
Apache PDFBox before 1.8.12 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF CVE-2016-2175...
CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...
CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...
CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...
CVE-2016-2175
CVE-2016-2175 is an XXE vulnerability in Apache PDFBox. The issue arises because PDFBox’s XML parsers are not properly initialized when processing XML data inside PDFs, allowing context-dependent attackers to craft PDFs that cause XML External Entity (XXE) attacks. Affected products include PDFBo...
CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...
CVE-2016-2175
It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks...
Oracle: Security Advisory (ELSA-2012-0509)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2013-0125)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...