Linux Distros Unpatched Vulnerability : CVE-2016-0718

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Expat allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a malformed input document, which triggers a...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : xmltok library vulnerabilities (USN-5455-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5455-1 advisory. Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled...

K52320548: Expat vulnerability CVE-2016-0718

Security Advisory Description An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code...

Ubuntu: Security Advisory (USN-5455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5455-1: xmltok library vulnerabilities

Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled certain files. An attacker could possibly use these issues to cause a denial of service, or possibly execute arbitrary code. These issues were only addressed in Ubuntu 16.04 ESM...

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Mac OS X

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118249";...

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Windows

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118248";...

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Linux

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118250";...

SUSE: Security Advisory (SUSE-SU-2016:1512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1508-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-0718

An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user...

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2020:0497-1)

This update for python3 fixes the following issues : Update to 3.4.10 jscSLE-9427, bsc1159208 from 3.4.6 : Security issues fixed : Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 CVE-2017-1000158: Fix an...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2019-1446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.1.0 : expat (EulerOS-SA-2019-1446)

According to the version of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML tha...

Security Bulletin: A vulnerability in expat affects PowerKVM

Summary PowerKVM is affected by a vulnerability in expat. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-0718 DESCRIPTION: Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By using the Expat library, ...

Security Bulletin: Multiple denial of service vulnerabilities with Expat may affect IBM HTTP Server shipped with IBM Service Delivery Manager (CVE-2012-0876, CVE-2012-1148, CVE-2016-4472 and CVE-2016-0718)

Summary IBM HTTP Server is shipped as components of IBM Service Delivery Manager. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2012-0876 DESCRIPTION: Expat is vulnerable to a denial of service,...

Security Bulletin: IBM Security Access Manager appliances are affected by a vulnerability in the Expat XML parser (CVE-2016-0718)

Summary A vulnerability has been identified in the Expat XML parser, which affects IBM Security Access Manager appliances. Vulnerability Details CVEID: CVE-2016-0718 DESCRIPTION: Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By...

Security Bulletin: A vulnerability in Expat XML parser affects IBM Security Network Protection (CVE-2016-0718)

Summary A security vulnerability has been discovered in Expat XML parser, which is used by IBM Security Network Protection. Vulnerability Details CVEID: CVE-2016-0718 DESCRIPTION: Expat is vulnerable to a buffer overflow, caused by improper bounds checking when processing malformed XML data. By...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM PureApplication System

Summary IBM WebSphere Application Server patterns are shipped as a component of IBM PureApplication System. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in security bulletins CVE-2016-0377, CVE-2016-0385, CVE-2016-2960, CVE-2016-0718,...