73 matches found
Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9
Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...
Linux Distros Unpatched Vulnerability : CVE-2009-3560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The big2toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denia...
RHEL 5 : xmlrpc-c (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - expat: buffer over-read and crash in big2toUtf8 on XML with malformed UTF-8 sequences CVE-2009-3560 Note that Nessu...
Oracle: Security Advisory (ELSA-2009-1625)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-201209-06 : Expat: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201209-06 Expat: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially...
Slackware Advisory SSA:2011-041-03 httpd
The remote host is missing an update as announced via advisory SSA:2011-041-03. OpenVAS Vulnerability Test $Id: esoftslkssa201104103.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Scientific Linux Security Update : expat on SL3.x, SL4.x, SL5.x i386/x86_64
CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences CVE-2009-3560 expat: buffer over-read and crash in big2toUtf8 on XML with malformed UTF-8 sequences Two buffer over-read flaws were found in the way Expat handled malformed UTF-8 sequences when processing XML...
CentOS Update for expat CESA-2009:1625 centos3 i386
Check for the Version of expat OpenVAS Vulnerability Test CentOS Update for expat CESA-2009:1625 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for expat CESA-2009:1625 centos3 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 11 Security Update : expat (SAT Patch Number 1765)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : expat (SSA:2011-041-02)
New expat packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-041-02. The text...
SuSE 10 Security Update : libxmlrpc (ZYPP Patch Number 6857)
This update of libxmlrpc is not vulnerable anymore to denial of service bugs that can occur while processing malformed XML input. - CVE-2009-3720: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Insufficient Information CWE-noinfo CVE-2009-3560: CVSS v2 Base Score: 5.0 MEDIUM...
SuSE 11 Security Update : Python (SAT Patch Number 2175)
This update of python has a copy of libxmlrpc that is vulnerable to denial of service bugs that can occur while processing malformed XML input. CVE-2009-2625: CVSS v2 Base Score: 5.0 moderate AV:N/AC:L/Au:N/C:N/I:N/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2009-3720: CVSS v2 Ba...
Apache 2.2.x < 2.2.17 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.17. It is, therefore, affected by the following vulnerabilities : - Errors exist in the bundled expat library that may allow an attacker to crash the server when a buffer is over- read when parsing an...
SuSE 10 Security Update : expat (ZYPP Patch Number 6703)
Specially crafted XML files could crash applications that use expat to parse such files. CVE-2009-3560 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49849;...
SuSE 10 Security Update : expat (ZYPP Patch Number 6765)
The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49850;...
SuSE 10 Security Update : Python (ZYPP Patch Number 6946)
This update of python has a copy of libxmlrpc that is vulnerable to denial of service bugs that can occur while processing malformed XML input. CVE-2009-2625: CVSS v2 Base Score: 5.0 moderate AV:N/AC:L/Au:N/C:N/I:N/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2009-3720: CVSS v2 Ba...
SuSE 10 Security Update : pyxml (ZYPP Patch Number 6715)
Specially crafted XML documents could make pyxml run into an enless loop, therefore locking up applications using pyxml. CVE-2009-3720 / CVE-2009-3560 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
FreeBSD Ports: apr
The remote host is missing an update to the system as announced in the referenced advisory. VID dd943fbb-d0fe-11df-95a8-00219b0fc4d8 OpenVAS Vulnerability Test $ Description: Auto generated from VID dd943fbb-d0fe-11df-95a8-00219b0fc4d8 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
FreeBSD Ports: apr
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...