37 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of...
SUSE: Security Advisory (SUSE-SU-2016:0030-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0786-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for libxml2 (CESA-2015:2549)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2016:0049-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: libxml2
Issue Overview: A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.CVE-2015-8242 A denial of service flaw w...
Denial Of Service (DoS)
The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or...
Apple TV < 9.2 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 9.2. It is, therefore, affected by the following vulnerabilities : - An XML external entity XXE expansion flaw exists in libxml2 due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote...
Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)
Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...
Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)
Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...
openSUSE Security Update : libxml2 (openSUSE-2016-32)
security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...
SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0030-1)
This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation of overflow in...
SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)
security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...
Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20151207)
Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use...
CVE-2015-8242
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service stack-based buffer over-read and application crash or obtain sensitive information via crafted XML data...
DEBIAN-CVE-2015-8242
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service stack-based buffer over-read and application crash or obtain sensitive information via crafted XML data...
CVE-2015-8242
CVE-2015-8242 affects libxml2 prior to 2.9.3. The xmlSAX2TextNode function in SAX2.c within the push interface of the HTML parser can cause a stack-based buffer over-read when processing crafted XML data, leading to a denial of service (application crash) and potential exposure of sensitive infor...
CVE-2015-8242
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service stack-based buffer over-read and application crash or obtain sensitive information via crafted XML data...
Nokogiri gem contains several vulnerabilities in libxml2
Nokogiri version 1.6.7.1 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVEs: CVE-2015-5312 CVSS v2 Base Score: 7.1 HIGH The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion,...
Ubuntu 14.04 LTS : libxml2 vulnerabilities (USN-2834-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2834-1 advisory. Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a...