20 matches found
Oracle Linux 5 : xmlsec1 (ELSA-2011-0486)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0486 advisory. - disable xslt i/o support in library, tools and examples, CVE-2011-1425 Tenable has extracted the preceding description block directly from the Oracle Linux...
FreeBSD : databases/postgresql*-server -- multiple vulnerabilities (07234e78-e899-11e1-b38d-0023ae8e59f0)
The PostgreSQL Global Development Group reports : The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and...
Scientific Linux Security Update : xmlsec1 on SL4.x, SL5.x i386/x86_64
A flaw was found in the way xmlsec1 handled XML files that contain an XSLT transformation specification. A specially crafted XML file could cause xmlsec1 to create or overwrite an arbitrary file while performing the verification of a file's digital signature. CVE-2011-1425 After installing the...
CentOS Update for xmlsec1 CESA-2011:0486 centos4 x86_64
Check for the Version of xmlsec1 OpenVAS Vulnerability Test CentOS Update for xmlsec1 CESA-2011:0486 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for xmlsec1 CESA-2011:0486 centos5 x86_64
Check for the Version of xmlsec1 OpenVAS Vulnerability Test CentOS Update for xmlsec1 CESA-2011:0486 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for xmlsec1 CESA-2011:0486 centos5 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for xmlsec1 CESA-2011:0486 centos4 i386
Check for the Version of xmlsec1 OpenVAS Vulnerability Test CentOS Update for xmlsec1 CESA-2011:0486 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386
Check for the Version of xmlsec1 OpenVAS Vulnerability Test CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for xmlsec1 CESA-2011:0486 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for xmlsec1 CESA-2011:0486 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-1774
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425...
RedHat Update for xmlsec1 RHSA-2011:0486-01
Check for the Version of xmlsec1 OpenVAS Vulnerability Test RedHat Update for xmlsec1 RHSA-2011:0486-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for xmlsec1 RHSA-2011:0486-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 4 / 5 : xmlsec1 (CESA-2011:0486)
Updated xmlsec1 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 4 / 5 : xmlsec1 (RHSA-2011:0486)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0486 advisory. The XML Security Library is a C library based on libxml2 and OpenSSL that implements the XML Digital Signature and XML Encryption standards. A fl...
xmlsec1 security and bug fix update
1.2.9-8.1.2 - disable xslt i/o support in library, tools and examples, CVE-2011-1425 - Resolves: rhbz694124 - limit the paths used for searching the security library loaded dynamically...
[SECURITY] [DSA 2219-1] xmlsec1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2219-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 18, 2011 http://www.debian.org/security/faq -...
Mandriva Update for xmlsec1 MDVSA-2011:063 (xmlsec1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-1425
xslt.c in XML Security Library aka xmlsec before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification...
CVE-2011-1425
XML Security Library (xmlsec) prior to 1.2.17 with XSLT enabled is vulnerable: during signature verification, using the libxslt output extension and a ds:Transform element can cause an attacker to create or overwrite arbitrary files. This is triggered by the XSLT processing path and affects produ...