110 matches found
Debian DSA-4483-1 : libreoffice - security update
Two security issues have been discovered in LibreOffice : - CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. - CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. C Tenable Network...
Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch products
Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description:...
Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Networking products
Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description: libxml2 is...
Out-of-bounds
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483...
Security Bulletin: IBM Cognos AnalyticsのLibxml2脆弱性について
Summary IBM Cognos Analytics 11.0.5.0で修正されている複数の脆弱性についてお知らせ致します。 IBM® WebSphere Application Server Libertyには複数のLibxml2 脆弱性が存在します。LibertyはCognos Analytics で使用されています。これらの問題はIBM WebSphere Application Server Libertyの更新の一部として公開されました。 2つのクロスサイトスクリプティングに関する脆弱性も修正されています。 脆弱性の詳細につきましては、下記サイトをご覧ください。...
CVE-2017-4483
...
CVE-2017-4483
CVE-2017-4483 entry is rejected and not used; does not represent an active vulnerability.
About the security content of iTunes 12.4.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Vulnerable Through Use Of C Library
Nokogiri is vulnerable to denial of service DoS attacks. These attacks are possible through the use and inclusion of the C library libxml2. This library is vulnerable to CVE-2016-4483. It might also be a duplicate of CVE-2016-3627...
CVE-2016-4483
CVE-2016-4483 is a libxml2 serialization bug: xmlBufAttrSerializeTxtContent can trigger an out-of-bounds read when a non-UTF-8 attribute value is serialized, leading to a denial of service. Connected records note related follow-ons: CVE-2016-9598 (and CVE-2016-9596) describe DoS/out-of-bounds sce...
CVE-2016-4483
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...
Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1
1:2.9.4.0.12.e905-alt1 built March 7, 2017 Dmitry V. Levin in task 179256 --- March 3, 2017 Dmitry V. Levin - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627,...
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...
SA129 : Multiple libxml2 Vulnerabilities
SUMMARY Blue Coat products that include a vulnerable version of the libxml2 library are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and cause denial of service through memory corruption. AFFECTED PRODUCTS The following...
Updated libxml2 packages fix security vulnerability
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker c...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes running on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker can...
F5 Networks BIG-IP : Linux kernel vulnerability (K31300371)
The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application. CVE-2013-4483 C Tenable Network Security, Inc. The descriptive te...
Security update for libxml2 (important)
This update for libxml2 fixes the following security issues: - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...