19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-0663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an...
Security Bulletin: Vulnerabilities in libxml2 affect IBM BladeCenter Advanced Management Module (AMM) (CVE-2017-7376, CVE-2017-7375, CVE-2017-5969, CVE-2017-0663)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libxml2. Vulnerability Details CVEID: CVE-2017-7376 Descriptio...
Ubuntu: Security Advisory (USN-3424-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2701-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.5.1 : libxml2 (EulerOS-SA-2018-1257)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...
EulerOS Virtualization 2.5.0 : libxml2 (EulerOS-SA-2018-1258)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1186)
According to the version of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the...
Debian: Security Advisory (DLA-1060-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...
USN-3424-1: libxml2 vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code...
Remote Code Execution (RCE)
The nokogiri gem is susceptible to remote code execution RCE attacks. The attacks exist because the library uses the C package libxml2 which is vulnerable to CVE-2017-0663, allowing a malicious user to pass a XML file to execute arbitrary code or crash the application...
Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3424-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3424-1 advisory. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause...
[SECURITY] [DSA 3952-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3952-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 23, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3952-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3952-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 23, 2017 https://www.debian.org/security/faq -...
Debian DLA-1060-1 : libxml2 security update
CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For Debian 7 'Wheezy', these problems have been fixed in version 2.8.0+dfsg1-7+wheezy9. We...
[SECURITY] [DLA 1060-1] libxml2 security update
Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy9 CVE ID : CVE-2017-0663 CVE-2017-7376 CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For...
CVE-2017-0663
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library...
CVE-2017-0663
CVE-2017-0663: libxml2 remote code execution via a crafted file. The Android-impacting flaw is a libxml2 out-of-bounds write that can crash or enable code execution in an unprivileged process. Exploitation and impact are stated in the CVE entry, with high severity (CVSSv3 7.8). No public fix vers...
CVE-2017-0663
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library...