EUVD-2013-4379

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2012-2825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vector...

SUSE: Security Advisory (SUSE-SU-2013:1654-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. A heap-based buffer overflow flaw was found in the way libxslt applied templates...

openSUSE Security Update : libxslt / libxslt-python (openSUSE-SU-2012:0883-1)

Changes in libxslt, libxslt-python : - fixing an incorrect read operation in the XSL implementation CVE-2012-2825, bnc769182 that could cause a DoS condition %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0813-1)

Update Chromium to 22.0.1190 - Security Fixes bnc769181 : - CVE-2012-2815: Leak of iframe fragment id - CVE-2012-2816: Prevent sandboxed processes interfering with each other - CVE-2012-2817: Use-after-free in table section handling - CVE-2012-2818: Use-after-free in counter layout -...

Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes on the remote host is prior to version 11.1.4. It is, therefore, affected by multiple vulnerabilities : - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code executio...

Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is older than 11.1.4. It is, therefore, potentially affected by several issues : - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code executio...

Design/Logic Flaw

xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service crash via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825...

Amazon Linux AMI : libxslt (ALAS-2012-123)

A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the...

VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries

a. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere...

SuSE 11.1 Security Update : libxslt (SAT Patch Number 6491)

The following issue has been fixed : - Specially crafted XSL documents could have crashed libxslt CVE-2012-2825 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright ...

USN-1595-1: libxslt vulnerabilities

Chris Evans discovered that libxslt incorrectly handled generate-id XPath functions. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could obtain potentially sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10....

Fedora Update for libxslt FEDORA-2012-14048

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for libxslt FEDORA-2012-14048

Check for the Version of libxslt OpenVAS Vulnerability Test Fedora Update for libxslt FEDORA-2012-14048 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Fedora 17 : libxslt-1.1.26-10.fc17 (2012-14083)

Lot of security fixes and a few other bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

Fedora Update for libxslt FEDORA-2012-14083

Check for the Version of libxslt OpenVAS Vulnerability Test Fedora Update for libxslt FEDORA-2012-14083 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Important: libxslt

Issue Overview: A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could...