Linux Distros Unpatched Vulnerability : CVE-2017-16932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. CVE-2017-16932 Note that Nessus relies on the presence of the packag...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libxml2 vulnerabilities (USN-3739-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3739-1 advisory. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose...

Security Bulletin: Vulnerability in libxml2 affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems (CVE-2017-16932)

Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following vulnerability in libxml2. Vulnerability Details Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following...

SUSE: Security Advisory (SUSE-SU-2018:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1089)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2017-16931, CVE-2017-16932)

Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in libxml...

Ubuntu: Security Advisory (USN-3504-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Copy-Paste Vulnerability (CPV) Through Libxml2

nokogiri is vulnerable to denial of service DoS attacks. The library uses a vulnerable version of libxml2, causing it to be vulnerable to the following CVEs: 1. CVE-2016-9318: XML External Entity XXE through a crafted document. 2. CVE-2017-16932: Infinite Recursion during parsing. 3...

EulerOS Virtualization 2.5.0 : libxml2 (EulerOS-SA-2018-1258)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...

EulerOS Virtualization 2.5.1 : libxml2 (EulerOS-SA-2018-1257)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...

USN-3739-1: libxml2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

ClamAV < 0.100.1 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon running on the remote host is prior to 0.100.1. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid111517; scriptversion"1.6";...

EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...

Security Bulletin: A vulnerability in libxml2 affects IBM Flex System Manager (FSM) (CVE-2017-16932)

Summary A vulnerability has been identified in libxml2 that is embedded in FSM. This bulletin addresses that issue. Vulnerability Details CVEID: CVE-2017-16932 DESCRIPTION: Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sendin...

Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM InfoSphere Identity Insight.

Summary Vulnerabilities have been addressed in the Libxml2 component of IBM InfoSphere Identity Insight. Vulnerability Details CVEID: CVE-2017-16932 DESCRIPTION: Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a...

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2018:0395-1)

This update for libxml2 fixes several issues. Theses security issues were fixed : - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD bsc1069689. - CVE-2017-15412: Prevent use after free when calling XPath...

Updated libxml2 packages fix security vulnerability

Integer overflow in memory debug code in libxml2 before 2.9.5 CVE-2017-5130. It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service CVE-2017-15412...

Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities

Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...

Debian DLA-1194-1 : libxml2 security update

CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in paramet...

[SECURITY] [DLA 1194-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy11 CVE ID : CVE-2017-16931 CVE-2017-16932 CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a % character in a DTD name...