33 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service v...
SUSE: Security Advisory (SUSE-SU-2016:0030-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for libxml2 (CESA-2015:2549)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2016:0049-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: libxml2
Issue Overview: A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.CVE-2015-8242 A denial of service flaw w...
Denial Of Service (DoS)
The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or...
Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)
Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...
Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)
Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...
openSUSE Security Update : libxml2 (openSUSE-2016-32)
security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...
SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0030-1)
This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation of overflow in...
SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)
security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...
[SECURITY] [DSA 3430-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3430-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2015 https://www.debian.org/security/faq -...
Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20151207)
Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use...
CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...
CVE-2015-7498
CVE-2015-7498 is a heap-based buffer overflow in the xmlParseXmlDecl function of libxml2’s parser.c, affecting versions before 2.9.3. The underlying issue enables context-dependent attackers to trigger a denial of service via crafted XML data, related to an encoding conversion failure. Affected p...
Ubuntu 14.04 LTS : libxml2 vulnerabilities (USN-2834-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2834-1 advisory. Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a...
Nokogiri gem contains several vulnerabilities in libxml2
Nokogiri version 1.6.7.1 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVEs: CVE-2015-5312 CVSS v2 Base Score: 7.1 HIGH The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion,...
Medium: libxml2
Issue Overview: A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. The...
libxml2: multiple issues
CVE-2015-1819 denial of service A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory...
Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20151207)
Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use...