34 matches found
K24322529: libxml2 vulnerabilities CVE-2016-4447 and CVE-2016-4449
Security Advisory Description CVE-2016-4447 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread and application crash via a crafted file, involving xmlParseName. CVE-2016-4449 XML external...
Slackware: Security Advisory (SSA:2016-148-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1538-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Networking products
Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description: libxml2 is...
Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch products
Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description:...
Security Bulletin: Rational Systems Tester is affected by Libxml2 vulnerabilities (CVE-2016-4447, CVE-2016-4448, CVE-2016-4449)
Summary A set of Libxml2 vulnerabilities were disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-4447 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Security Access Manager for Mobile is affected by security vulnerabilities in libxml2
Summary Vulnerabilities have been identified in the libxml2 library, which is a development toolbox providing the implementation of various XML standards. IBM Security Access Manager for Mobile uses libxml2 and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-4448...
Security Bulletin: IBM Cognos AnalyticsのLibxml2脆弱性について
Summary IBM Cognos Analytics 11.0.5.0で修正されている複数の脆弱性についてお知らせ致します。 IBM® WebSphere Application Server Libertyには複数のLibxml2 脆弱性が存在します。LibertyはCognos Analytics で使用されています。これらの問題はIBM WebSphere Application Server Libertyの更新の一部として公開されました。 2つのクロスサイトスクリプティングに関する脆弱性も修正されています。 脆弱性の詳細につきましては、下記サイトをご覧ください。...
About the security content of iTunes 12.4.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Fedora Update for libxml2 FEDORA-2017-be8574d593
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
JVN#17535578: Multiple vulnerabilities in Cybozu Office
Cybozu Office contains multiple vulnerabilities listed below. Cross-site scripting in the design setting screen CWE-79 - CVE-2017-2114 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:L/Au:S/C:N/I:P/A:N| Base Score: 4.0...
Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1
1:2.9.4.0.12.e905-alt1 built March 7, 2017 Dmitry V. Levin in task 179256 --- March 3, 2017 Dmitry V. Levin - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627,...
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...
F5 Networks BIG-IP : libxml2 vulnerabilities (K24322529)
CVE-2016-4447 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread and application crash via a crafted file, involving xmlParseName. CVE-2016-4449 XML external entity XXE vulnerability in t...
Amazon Linux: Security Advisory (ALAS-2016-719)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libxml2 packages fix security vulnerability
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...
CVE-2016-4449
XML external entity XXE vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service resource consumption via unspecified vectors...
Amazon Linux AMI : libxml2 (ALAS-2016-719)
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...
Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1292 advisory. - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711:...