MiracleLinux 7 : xerces-c-3.1.1-9.el7 (AXSA:2019-3675:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3675:01 advisory. xerces-c: Stack overflow when parsing deeply nested DTD CVE-2016-4463 Tenable has extracted the preceding description block directly from the MiracleLinux...

Linux Distros Unpatched Vulnerability : CVE-2016-4463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD...

RHEL 6 : xerces-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xerces-c: Use-after-free in heap on specially crafted XML input CVE-2016-2099 - internal/XMLReader.cpp in...

Ubuntu 16.04 ESM / 18.04 ESM : Xerces-C++ vulnerabilities (USN-4784-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4784-1 advisory. It was discovered that Xerces-C++ XML Parser mishandles certain kinds of external DTD references, resulting in a user-after-free. An attacker...

Debian: Security Advisory (DLA-535-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4784-1: Xerces-C++ vulnerabilities

It was discovered that Xerces-C++ XML Parser mishandles certain kinds of external DTD references, resulting in a user-after-free. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. This issue affected only Ubuntu 16.04 ESM. CVE-2016-209...

Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

Huawei EulerOS: Security Advisory for xerces-c (EulerOS-SA-2019-2199)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for xerces-c (EulerOS-SA-2018-1422)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : xerces-c (EulerOS-SA-2019-2199)

According to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested...

NewStart CGSL CORE 5.04 / MAIN 5.04 : xerces-c Vulnerability (NS-SA-2019-0072)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xerces-c packages installed that are affected by a vulnerability: - A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an...

EulerOS 2.0 SP2 : xerces-c (EulerOS-SA-2018-1422)

According to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - xerces-c: Stack overflow when parsing deeply nested DTD CVE-2016-4463 Note that Tenable Network Security has extracted the preceding description...

Medium: xerces-c

Issue Overview: A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an application using Xerces-C by tricking it into processing specially crafted data.CVE-2016-4463 Affected Packages: xerces-c Note: Thi...

CentOS 7 : xerces-c (CESA-2018:3335)

An update for xerces-c is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

xerces security update

CentOS Errata and Security Advisory CESA-2018:3335 An update for xerces-c is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 7 : xerces-c (RHSA-2018:3514)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3514 advisory. Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and writ...

Oracle Linux 7 : xerces-c (ELSA-2018-3335)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3335 advisory. - Fix CVE-2016-4463 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Moderate: Red Hat Security Advisory: xerces-c security update

An update for xerces-c is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

xerces-c security update

3.1.1-9 - Fix CVE-2016-4463 - Resolves: 1534481...

RHEL 7 : xerces-c (RHSA-2018:3335)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3335 advisory. Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and writ...