31 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service segmentation fault and crash via crafted XML data...
RHEL 6 : xerces-c (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xerces-c: Use-after-free in heap on specially crafted XML input CVE-2016-2099 - internal/XMLReader.cpp in...
Debian: Security Advisory (DLA-181-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-1193)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-xerces-c FEDORA-2015-4272
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : xerces-c on SL7.x x86_64 (20150629)
A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. CVE-2015-0252 %NASLMINLEVEL 70300 C Tenable Network Security,...
CentOS Update for xerces-c CESA-2015:1193 centos7
Check the version of xerces-c SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882212";...
RHEL 7 : xerces-c (RHSA-2015:1193)
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
CentOS 7 : xerces-c (CESA-2015:1193)
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Oracle Linux 7 : xerces-c (ELSA-2015-1193)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1193 advisory. 3.1.1-7 Resolves: rhbz1217104 CVE-2015-0252 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Moderate: Red Hat Security Advisory: xerces-c security update
An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
xerces-c security update
3.1.1-7 Resolves: rhbz1217104 CVE-2015-0252...
SUSE SLED12 Security Update : Xerces-C (SUSE-SU-2015:0597-1)
The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. bnc920810,CVE-2015-0252 Note that Tenable Network...
Apache Xerces-C XML Parser < 3.1.2 - DoS POC
Exploit for linux platform in category dos / poc Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build =================================================================...
Apache Xerces-C XML Parser Denial Of Service
Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build ================================================================= ==6831==ERROR: AddressSanitizer: heap-buffer-overflow on...
Apache Xerces-C XML Parser 3.1.2 - Denial of Service (PoC)
Apache Xerces-C XML Parser 3.1.2 - Denial of Service PoC Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build =================================================================...
Apache Xerces-C XML Parser < 3.1.2 - Denial of Service (PoC)
Exploit Title: Apache Xerces-C XML Parser file.xml $ DOMPrint ./file.xml Ubuntu 15.04 libxerces-c3.1 package Segmentation fault $ ./DOMPrint ./file.xml ASAN Enabled build ================================================================= ==6831==ERROR: AddressSanitizer: heap-buffer-overflow on...
Updated xerces-c packages fix security vulnerabilities
Updated xerces-c packages fix security vulnerability: Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c. The parser mishandles certain kinds of malformed input documents, resulting in a...
Fedora Update for mingw-xerces-c FEDORA-2015-4228
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for xerces-c FEDORA-2015-4251
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...