Design/Logic Flaw

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the openbasedir protection mechanism and read arbitrary files via vectors involving a streamclose method call during use of a custom stream wrapper...

CVE-2012-1171

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the openbasedir protection mechanism and read arbitrary files via vectors involving a streamclose method call during use of a custom stream wrapper...

CVE-2012-1171

CVE-2012-1171 affects PHP 5.x via the libxml RSHUTDOWN function, enabling a remote attacker to bypass open_basedir protections and read arbitrary files when a custom stream wrapper is in use. The issue is triggered by a stream_close call during wrapper usage, which bypasses the intended directory...

APPLE-SA-2014-01-22-1 iTunes 11.1.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-01-22-1 iTunes 11.1.4 iTunes 11.1.4 is now available and addresses the following: iTunes Available for: Mac OS X v10.6.8 or later, Windows 8, Windows 7, Vista, XP SP2 or later Impact: An attacker with a privileged network position may...

Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes on the remote host is prior to version 11.1.4. It is, therefore, affected by multiple vulnerabilities : - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code executio...

Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is older than 11.1.4. It is, therefore, potentially affected by several issues : - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code executio...

[USN-2028-1] Apache XML Security for Java vulnerability

========================================================================== Ubuntu Security Notice USN-2028-1 November 12, 2013 libxml-security-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

SuSE Update for chromium openSUSE-SU-2013:1556-1 (chromium)

Check for the Version of chromium OpenVAS Vulnerability Test $Id: gbsuse201315561.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for chromium openSUSE-SU-2013:1556-1 chromium Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 10.04 LTS : libxml-security-java vulnerability (USN-2028-1)

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory...

Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is older than 11.1.2. It is, therefore, potentially affected by several issues : - An uninitialized memory access issue exists in the handling of text tracks, which could lead to memory corruption and possibly arbitrary code...

Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes on the remote host is prior to version 11.1.2. It is, therefore, affected by multiple vulnerabilities : - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a...

chromium: 30.0.1599.66 security and bugfix update (important)

Update to Chromium 30.0.1599.66: - Easier searching by image - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance - Security fixes: + CVE-2013-2906: Races in Web Audio + CVE-2013-2907: Out of bounds read in Window.prototype object + CVE-2013-2908:...

Oracle Linux 5 : libxml / and / libxml2 (ELSA-2009-1206)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1206 advisory. - Fix a couple of crash CVE-2009-2414 and CVE-2009-2416 Tenable has extracted the preceding description block directly from the Oracle Linux security...

libxml security vulnerabilities

Multiple use-after-free vulnerabilities...

FreeBSD : libxml -- Integer overflow (7be92050-a450-11e2-9898-001060e06fd4)

Integer overflow in xpath.c, allows context-dependent attackers to to cause a denial of service crash and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions. %NASLMINLEVEL 703...

iTunes for Windows < 11.1.4 Multiple Vulnerabilities

Binary data 8095.prm...

Fedora Update for rubygem-multi_xml FEDORA-2013-0839

Check for the Version of rubygem-multixml OpenVAS Vulnerability Test Fedora Update for rubygem-multixml FEDORA-2013-0839 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

Fedora Update for rubygem-multi_xml FEDORA-2013-0808

Check for the Version of rubygem-multixml OpenVAS Vulnerability Test Fedora Update for rubygem-multixml FEDORA-2013-0808 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

[SECURITY] Fedora 17 Update: rubygem-multi_xml-0.4.1-4.fc17

A gem to provide swappable XML backends utilizing LibXML, Nokogiri, Ox, or REXML...

[SECURITY] Fedora 18 Update: rubygem-multi_xml-0.4.1-5.fc18

A gem to provide swappable XML backends utilizing LibXML, Nokogiri, Ox, or REXML...