2074 matches found
Apple TV and iOS XML Parser Buffer Overflow Vulnerability
Apple iOS is the latest operating system for Apple's iPhone and iPod touch devices. Apple TV is Apple's way of allowing photos, videos and music from PCs and iPods to be transmitted wirelessly to a TV in high definition. A buffer overflow vulnerability exists in the processing of XML files in App...
odata4j XML External Entity Injection Vulnerability
odata4j is a new open source toolkit. An external entity injection vulnerability exists in odata4j XML, which can be exploited by attackers to obtain sensitive information...
Multiple Product UEFI System Local Security Bypass Vulnerabilities
UEFI is a standard that details a type of interface. This interface is used to automatically load the operating system from a pre-booted operating environment onto an operating system. A local security bypass vulnerability exists in multiple product UEFI systems where a boot script is used to...
EDK1 UEFI 'FSVariable.c' Local Buffer Overflow Vulnerability
EDK1 is an open source project that provides a reference implementation of the Unified Extensible Firmware Interface (UEFI). The commercial UEFI implementation merges parts of the EDK1 source code. A local buffer overflow vulnerability exists in EDK1 UEFI 'FSVariable.c'. Due to the program failing ...
ruby: REXML billion laughs attack via parameter entity expansion
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack...
[SECURITY] Fedora 20 Update: facter-1.7.6-1.fc20
Facter is a lightweight program that gathers basic node information about the hardware and operating system. Facter is especially useful for retrieving things like operating system names, hardware characteristics, IP addresses, MAC addresses, and SSH keys. Facter is extensible and allows gatheri...
libxml2: denial of service via recursive entity expansion
A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) bas...
DEBIAN-CVE-2014-3755
The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image tag or (2) XML stylesheet in an SVG file...
php: xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime()
An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash...
UBUNTU-CVE-2014-1868
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack...
UBUNTU-CVE-2014-3185
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) v...
Kernel: netdevice.h: NULL pointer dereference over VxLAN
A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an...
tomcat: information disclosure via XXE when running untrusted web applications
It was found that several application-provided XML files, such as web.xml, content.xml, .tld, .tagx, and .jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictio...
XStream: remote code execution due to insecure XML deserialization
It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream...
DEBIAN-CVE-2014-5177
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, 3...
OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423...
[SECURITY] Fedora 20 Update: ipython-0.13.2-4.fc20
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...