CentOS Update for xalan-j2 CESA-2014:0348 centos5

Check for the Version of xalan-j2 OpenVAS Vulnerability Test CentOS Update for xalan-j2 CESA-2014:0348 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

RedHat Update for xalan-j2 RHSA-2014:0348-01

Check for the Version of xalan-j2 OpenVAS Vulnerability Test RedHat Update for xalan-j2 RHSA-2014:0348-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

xalan security update

CentOS Errata and Security Advisory CESA-2014:0348 Updated xalan-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS...

Important: Red Hat Security Advisory: xalan-j2 security update

Updated xalan-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

[oCERT-2014-002] Xalan-Java insufficient secure processing

2014-002 Xalan-Java insufficient secure processing Description: The Xalan-Java library is a popular XSLT processor from the Apache Software Foundation. The library implements the Java API for XML Processing JAXP which supports a secure processing feature for interpretive and XSLCT processors. The...

CVE-2013-5604

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote...

Stack overflow

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote...

CVE-2013-5604

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote...

CVE-2013-5604

CVE-2013-5604 affects the XSLT processor in Mozilla Firefox (and related Mozilla components) where txXPathNodeUtils::getBaseURI does not initialize data properly. This allows remote attackers to execute arbitrary code or cause a denial of service via crafted documents, including stack-based buffe...

Liferay XSL - Command Execution (Metasploit)

Liferay XSL - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Liferay XSL Command Execution

Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Fedora Update for xml-security-c FEDORA-2011-9494

Check for the Version of xml-security-c OpenVAS Vulnerability Test Fedora Update for xml-security-c FEDORA-2011-9494 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Fedora Update for xml-security-c FEDORA-2011-9501

Check for the Version of xml-security-c OpenVAS Vulnerability Test Fedora Update for xml-security-c FEDORA-2011-9501 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

[SECURITY] Fedora 14 Update: xml-security-c-1.5.1-4.fc14

The xml-security-c library is a C++ implementation of the XML Digital Signa ture specification. The library makes use of the Apache XML project's Xerces-C X ML Parser and Xalan-C XSLT processor. The latter is used for processing XPath and XSLT transforms...

Fedora Core 11 FEDORA-2009-8157 (xml-security-c)

The remote host is missing an update to xml-security-c announced via advisory FEDORA-2009-8157. OpenVAS Vulnerability Test $Id: fcore20098157.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8157 xml-security-c Authors: Thomas Reinke Copyright:...

[SECURITY] Fedora 11 Update: xml-security-c-1.5.1-1.fc11

The xml-security-c library is a C++ implementation of the XML Digital Signa ture specification. The library makes use of the Apache XML project's Xerces-C X ML Parser and Xalan-C XSLT processor. The latter is used for processing XPath and XSLT transforms...

CVE-2004-2764

CVE-2004-2764 affects Sun JRE/JSDK 1.4.x (1.4.0 to 1.4.2_04, and 1.4.1, 1.4.2) where untrusted applets and unprivileged servlets could gain privileges and read data from other applets due to issues in the XSLT processor (XML sniffing). The vulnerability description states privilege escalation via...

Command Execution in Hannon Hill Cascade Server

Emory University UTS Security Advisory EMORY-2009-01 Topic: Command Execution in Hannon Hill Cascade Server Original release date: March 19, 2009 SUMMARY ======= Hannon Hill's Cascade Server product is vulnerable to a command execution vulnerability. An attacker with access to an unprivileged...

Command Injection in XML Digital Signatures

iSEC Partners Security Advisory - 12 Jul 2007 XML Digital Signature Command Injection http://www.isecpartners.com -------------------------------------------- XML Digital Signature Command Injection Vulnerability Vendor: Sun Microsystems, Inc. Vendor URL: http://sun.com Versions affected: JSR 105...

FreeBSD : opera -- multiple vulnerabilities in Java implementation (1489df94-6bcb-11d9-a21e-000a95bc6fae)

Marc Schoenefeld reports : Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain unacceptable privileges. This allows them to be used for information gathering spying of local identity information and system configurations as well as causing annoying crash...