MiracleLinux 7 : xerces-c-3.1.1-8.el7 (AXSA:2016-131:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-131:01 advisory. Xerces-C is a validating XML parser written in a portable subset of C . Xerces-C makes it easy to give your application the ability to read and write XML data...

Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

Security Bulletin: Vulnerabilities in OpenSSL and Xerces-C affect IBM Netezza Platform Software (CVE-2016-2107, CVE-2016-2105, CVE-2016-0729)

Summary OpenSSL and Xerces-C are used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the...

Security Bulletin: XML vulnerabilities in ClearCase (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearCase is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Performance Management products (CVE-2016-0729 )

Summary Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute...

Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Tivoli Composite Application Manager for Transactions (CVE-2016-0729 )

Summary Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute...

Security Bulletin: Content Classification is affected by Open Source Apache Xerces-C XML parser Vulnerability (CVE-2016-0729)

Summary Content Classification is affected by Open Source Apache Xerces-C XML parser Vulnerability. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error...

Security Bulletin: A vulnerability in the Apache Xerces-C XML parser affects IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web 7.0 software (CVE-2016-0729)

Summary IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web 7.0 software is affected by a vulnerability in the Apache Xerces-C XML parser. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service,...

Security Bulletin: A vulnerability in the Apache Xerces-C XML parser affects IBM Security Access Manager for Web (CVE-2016-0729)

Summary IBM Security Access Manager for Web is affected by a vulnerability in the Apache Xerces-C XML parser. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and...

Security Bulletin: IBM Forms Viewer may be affected by an Apache Xerces-C XML Parser library vulnerability (CVE-2016-0729, CVE-2016-4463)

Summary An IBM Form XFDL document that contains a specially crafted mark-up could crash IBM Forms Viewer. This may expose a vulnerability in its use of the Apache Xerces-C XML Parser library. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable ...

Security Bulletin: IBM Forms Server may be affected by an Apache Xerces-C XML Parser library vulnerability (CVE-2016-0729, CVE-2016-4463)

Summary An IBM Form XFDL document that contains a specially crafted mark-up could crash IBM Forms Server. This may expose a vulnerability in its use of the Apache Xerces-C XML Parser library. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable ...

Security Bulletin: IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities (CVE-2016-0729)

Summary IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities. IBM Streams has addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Information Server (CVE-2016-0729)

Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reportin...

Security Bulletin: Open Source Apache Xerces-C XML parser Vulnerabilities -- including XML4C (CVE-2016-0729)

Summary The vulnerabilities have been addressed in the Open Source Apache Xerces-C XML parser for IBM Data Server Driver packagesDB2 Connect Instance less clients. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caus...

Security Bulletin: Vulnerabilty in XMLC affects IBM® DB2® LUW (CVE-2016-0729, CVE-2016-4463)

Summary IBM DB2 for LUW bundles a XMLC library that is affected by CVE-2016-0729. A remote, authenticated DB2 user could exploit this vulnerability by issuing a specially crafted statement. This may cause the DB2 server to terminate abnormally or execute arbitary code. Vulnerability Details CVE-I...

Security Bulletin: A vulnerability in the Apache Xerces-C XML parser affects IBM Cognos Metrics Manager (CVE-2016-0729)

Summary A vulnerability has been addressed in the Apache Xerces-C XML parser component of IBM Cognos Metrics Manager. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processi...

Fedora 23 : mingw-xerces-c (2016-87e8468465)

MinGW cross compiled xerces-c 3.1.4, fixing CVE-2016-0729, CVE-2016-2099 and CVE-2016-4463 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possibl...

Fedora 24 : mingw-xerces-c (2016-0a061f6dd9)

MinGW cross compiled xerces-c 3.1.4, fixing CVE-2016-0729, CVE-2016-2099 and CVE-2016-4463 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possibl...

Fedora 22 : mingw-xerces-c (2016-7615febbd6)

MinGW cross compiled xerces-c 3.1.4, fixing CVE-2016-0729, CVE-2016-2099 and CVE-2016-4463 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possibl...

SUSE SLED12 / SLES12 Security Update : xerces-c (SUSE-SU-2016:1026-1)

This update for xerces-c fixes the following security issue : - CVE-2016-0729: Fixed mishandling certain kinds of malformed input documents, that resulted in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a...