SUSE: Security Advisory (SUSE-SU-2016:1538-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch products

Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description:...

Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Networking products

Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description: libxml2 is...

Security Bulletin: Vulnerabilities in OpenSource libxml2 affect IBM Security Guardium (CVE-2016-2073)

Summary libxml2 is vulnerable to a heap-based buffer overflow. IBM Security Guardium has addressed the applicable CVE Vulnerability Details CVEID: CVE-2016-2073 DESCRIPTION: libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the htmlParseNameComplex function...

Security Bulletin: Multiple vulnerabilities in XMLsoft Libxml2 affect IBM Streams

Summary There are multiple vulnerabilities in Libxml2 library used by IBM Streams. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVE-ID: CVE-2016-2073 Description: libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the...

Security Bulletin: IBM Cognos AnalyticsのLibxml2脆弱性について

Summary IBM Cognos Analytics 11.0.5.0で修正されている複数の脆弱性についてお知らせ致します。 IBM® WebSphere Application Server Libertyには複数のLibxml2 脆弱性が存在します。LibertyはCognos Analytics で使用されています。これらの問題はIBM WebSphere Application Server Libertyの更新の一部として公開されました。 ２つのクロスサイトスクリプティングに関する脆弱性も修正されています。 脆弱性の詳細につきましては、下記サイトをご覧ください。...

Updated libxml2 packages fix security vulnerability

A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2016:1595-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for libxml2 (important)

This update for libxml2 fixes the following security issues: - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...

Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-2994-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2994-1 advisory. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a...

USN-2994-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. CVE-2015-8806, CVE-2016-2073, CVE-2016-3627,...

CVE-2016-2073

CVE-2016-2073 affects libxml2: a vulnerability in htmlParseNameComplex() can cause a heap-based buffer overflow / out-of-bounds read, leading to potential denial of service or code execution when processing a crafted XML file. The connected IBM/IBM Guards pages confirm the issue and list affected...

CVE-2016-2073

The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service out-of-bounds read via a crafted XML document...