openSUSE Security Update : libxml2 (libxml2-184)

Specially crafted xml files could cause a crash or a heap based buffer overlow in libxml2 CVE-2008-3281, CVE-2008-3529. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libxml2-184. The text...

openSUSE Security Update : libxml2 (libxml2-502)

A previous security fix for libxml2 caused problems when processing large xml files. The patch has been reworked so processing of large files works again. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

Netragard Security Advisory 2009-06-22

NETRAGARD ADVISORY http://www.netragard.com "The Specialist in Anti- Hacking" Advisory Summary --------------------------------------------------------------------------------------------------- Advisory Author : Adriel T. Desautels Researcher : Kevin Finisterre Advisory ID : NETRAGARD-20090622...

[Full-disclosure] [NETRAGARD SECURITY ADVISORY] [< Safari 3.2.3 Arbitrary Code Execution + PoC ][NETRAGARD-20090622]

NETRAGARD ADVISORY http://www.netragard.com "The Specialist in Anti- Hacking" Advisory Summary --------------------------------------------------------------------------------------------------- Advisory Author : Adriel T. Desautels Researcher : Kevin Finisterre Advisory ID : NETRAGARD-20090622...

Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC

No description provided by source. !/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529 Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard http://www.digitalmunition.com , http://www.netragard.com The application PubSubAgent quit...

Safari RSS feed:// Buffer Overflow

!/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529 Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard http://www.digitalmunition.com , http://www.netragard.com The application PubSubAgent quit unexpectedly. Process: PubSubAgent 3764 Path:...

Apple Safari - RSS feed: Buffer Overflow via libxml2 (PoC)

Apple Safari - RSS feed: Buffer Overflow via libxml2 PoC !/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529 Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard http://www.digitalmunition.com , http://www.netragard.com The application...

Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC

Exploit for unknown platform in category dos / poc ========================================================== Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC ========================================================== !/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala...

Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)

!/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529 Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard http://www.digitalmunition.com , http://www.netragard.com The application PubSubAgent quit unexpectedly. Process: PubSubAgent 3764 Path:...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : libxml2 vulnerabilities (USN-644-1)

It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of...

Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:212)

libxml2 version 2.7.0 and 2.7.1 did not properly handle predefined entities definitions in entities, which allowed context-dependent attackers to cause a denial of service memory consumption and application crash via certain XML documents CVE-2008-4409. The updated packages have been patched to...

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libxml2 vulnerabilities (USN-673-1)

Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service...

CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0988)

Updated libxml2 packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libxml2 is a library for parsing and manipulating XML files. It includes support...

FreeBSD : libxml2 stack buffer overflow in URI parsing (847ade05-6717-11d8-b321-000a95bc6fae)

Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...

Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:192)

A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code CVE-2008-3529. The updated packages have been patched...

Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:231)

Drew Yao of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop CVE-2008-4225. The seco...

Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:010)

A denial of service flaw was discovered by the Google Security Team in the way libxml2 processes malformed XML content. This flaw could cause the application to stop responding. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Mandriva Linux Security Advisory : libxml2 (MDVSA-2008:180-1)

Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding CVE-2008-3281. Update : The original fix used to correct this issue caused some...

Mandriva Update for libxml2 MDVSA-2008:180 (libxml2)

Check for the Version of libxml2 OpenVAS Vulnerability Test Mandriva Update for libxml2 MDVSA-2008:180 libxml2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Update for libxml2 MDVSA-2008:180-1 (libxml2)

Check for the Version of libxml2 OpenVAS Vulnerability Test Mandriva Update for libxml2 MDVSA-2008:180-1 libxml2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...