31 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service segmentation fault and crash via crafted XML data...
RHEL 6 : xerces-c (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xerces-c: Use-after-free in heap on specially crafted XML input CVE-2016-2099 - internal/XMLReader.cpp in...
Debian: Security Advisory (DLA-181-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-1193)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-xerces-c FEDORA-2015-4272
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : xerces-c on SL7.x x86_64 (20150629)
A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. CVE-2015-0252 %NASLMINLEVEL 70300 C Tenable Network Security,...
CentOS Update for xerces-c CESA-2015:1193 centos7
Check the version of xerces-c SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882212";...
Oracle Linux 7 : xerces-c (ELSA-2015-1193)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1193 advisory. 3.1.1-7 Resolves: rhbz1217104 CVE-2015-0252 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
CentOS 7 : xerces-c (CESA-2015:1193)
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
RHEL 7 : xerces-c (RHSA-2015:1193)
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: xerces-c security update
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
xerces-c security update
3.1.1-7 Resolves: rhbz1217104 CVE-2015-0252...
SUSE SLED12 Security Update : Xerces-C (SUSE-SU-2015:0597-1)
The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. bnc920810,CVE-2015-0252 Note that Tenable Network...
Apache Xerces-C XML Parser Denial Of Service
Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build ================================================================= ==6831==ERROR: AddressSanitizer: heap-buffer-overflow on...
Apache Xerces-C XML Parser < 3.1.2 - DoS POC
Exploit for linux platform in category dos / poc Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build =================================================================...
Apache Xerces-C XML Parser 3.1.2 - Denial of Service (PoC)
Apache Xerces-C XML Parser 3.1.2 - Denial of Service PoC Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build =================================================================...
Apache Xerces-C XML Parser < 3.1.2 - Denial of Service (PoC)
Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build ================================================================= ==6831==ERROR: AddressSanitizer: heap-buffer-overflow on...
Updated xerces-c packages fix security vulnerabilities
Updated xerces-c packages fix security vulnerability: Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c. The parser mishandles certain kinds of malformed input documents, resulting in a...
Fedora 21 : xerces-c-3.1.1-8.fc21 (2015-4251)
Security fix for CVE-2015-0252. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 20 : mingw-xerces-c-3.1.1-9.fc20 (2015-4228)
Security fix for CVE-2015-0252. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...