USN-3424-1 libxml2 vulnerabilities

It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. CVE-2017-0663 It was discovered that libxml2 did not properly validate parsed entity references. An...

Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3424-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3424-1 advisory. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause...

Ubuntu: Security Advisory (USN-3424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MP3Gain mpglibDBL Denial of Service Vulnerability (CNVD-2017-33786)

MP3Gain is a MP3 file volume adjustment application. mpglibDBL is one of the MPEG file decoders. A security vulnerability exists in the IIIistereo of the layer3.c file of mpglibDBL in MP3Gain. A remote attacker could exploit this vulnerability to cause a denial of service buffer out-of-bounds rea...

Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities

The version of libxml2 packaged with Nokogiri contains several vulnerabilities. Nokogiri has mitigated these issues by upgrading to libxml 2.9.5. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial ...

DEBIAN-CVE-2017-13051

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvpobjprint...

DEBIAN-CVE-2017-13052

The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfmprint...

DEBIAN-CVE-2017-13687

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlcprint...

DEBIAN-CVE-2017-13050

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpkirtrpduprint...

DEBIAN-CVE-2017-13688

The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsrprint...

DEBIAN-CVE-2017-13054

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldpprivate8023print...

DEBIAN-CVE-2017-13049

The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubikprint...

DEBIAN-CVE-2017-13725

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6print...

DEBIAN-CVE-2017-13029

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:printccpconfigoptions...

DEBIAN-CVE-2017-13028

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootpprint...

DEBIAN-CVE-2017-13041

The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6nodeinfoprint...

DEBIAN-CVE-2017-13039

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions...

DEBIAN-CVE-2017-13042

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6print...

DEBIAN-CVE-2017-13043

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decodemulticastvpn...

DEBIAN-CVE-2017-13046

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgpattrprint...