21 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of...
Debian: Security Advisory (DLA-514-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2015-7995
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue...
Slackware: Security Advisory (SSA:2016-148-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1906
Software: libxslt 1.1.28 OS: Cobalt 7.9 CVE-ID: CVE-2015-7995 CVE-Crit: MEDIUM CVE-DESC: The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, allowing attackers to cause a denial of service via a generated XML file related to the "type...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2020-1442)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : libxslt (EulerOS-SA-2020-1442)
According to the versions of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2519)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2627)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2627)
According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to caus...
EulerOS 2.0 SP2 : libxslt (EulerOS-SA-2019-2519)
According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanis...
SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2017:1313-1)
This update for libxslt fixes the following issues : - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. -...
[SECURITY] [DSA 3605-1] libxslt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3605-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3605-1] libxslt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3605-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 514-1] libxslt security update
Package : libxslt Version : 1.1.26-14.1+deb7u1 CVE ID : CVE-2015-7995 CVE-2016-1683 CVE-2016-1684 Several vulnerabilities were found in libxslt. CVE-2015-7995 A missing type check could cause an application crash via a especially crafted file. CVE-2016-1683 An out of bounds heap access bug was...
openSUSE Security Update : libxslt (openSUSE-2016-661)
This update for libxslt fixes the following issues : - CVE-2015-7995: A type confusion in preprocessing attributes was fixed boo952474. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Apple TV < 9.1.1 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 9.1.1. It is, therefore, affected by the following vulnerabilities : - A type confusion error exists in the bundled libxslt library due to improper handling of invalid values. An attacker can exploit this to crash the...
Mac OS X Libxslt Function Type Confusion RCE (Security Update 2016-001)
The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2016-001. It is, therefore, affected by a remote code execution vulnerability due to a type confusion flaw in the bundled libxslt component that is triggered when handling invalid values. A remote...
CVE-2015-7995
CVE-2015-7995 affects libxslt and is described as a type confusion in the xsltStylePreCompute() function that could lead to a denial of service when processing crafted XML. Public documents corroborate libxslt involvement across vendors (e.g., Debian security advisories cite this CVE with fixes i...
Mageia: Security Advisory (MGASA-2015-0432)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...