15 matches found
EUVD-2018-0528
Malware in sbrugna...
Debian DLA-2438-1 : raptor2 security update
It was discovered that there were two heap overflow vulnerabilities in raptor2, a set of parsers for RDF files that is used, amongst others, in LibreOffice. For Debian 9 'Stretch', this problem has been fixed in version 2.0.14-1+deb9u1. We recommend that you upgrade your raptor2 packages. For the...
Eclipse RDF4j vulnerable to XML External Entity
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
GHSA-6XQ8-PVG4-3MF3 Eclipse RDF4j vulnerable to XML External Entity
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
CVE-2018-1000644
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
Xxe
Eclipse RDF4j version 2.4.0 Milestone 2 contains a XML External Entity XXE vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially...
Mandriva Linux Security Advisory : raptor (MDVSA-2012:061)
An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had...
Important: Red Hat Security Advisory: openoffice.org security update
Updated openoffice.org packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Important: Red Hat Security Advisory: raptor security update
Updated raptor packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...
Memory corruption
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...
CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...
Mozilla crash with multiple RDFs in XUL tree
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...
CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...