3 matches found
Access of Resource Using Incompatible Type ('Type Confusion')
Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via xmlNode.psvi memory field that stores xsltStylePreComp pointer when processing xslt stylesheets. An attacker can cause memory corruption or application crashes by supplying...
Microsoft Internet Explorer Information Disclosure Vulnerability (CNVD-2015-04584)
Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A security vulnerability exists in Microsoft IE versions 6 through 11. A remote attacker can exploit the vulnerability to determine...
Xalan-Java: insufficient constraints in secure processing feature
It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations XSLT content to be processed by an application using Xalan-Java could use this...