17 matches found
BELL-CVE-2017-5029 CVE-2017-5029 does not affect BellSoft software
Bulletin has no description...
Photon OS 1.0: Linux PHSA-2017-0018 (deprecated)
An update of linux,libxlt packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0018. The text itself is copyright C VMware, Inc...
Apple Mac OS X Multiple Memory Corruption Vulnerabilities (HT207615)
Apple Mac OS X is prone to multiple memory corruption vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2017:1313-1)
This update for libxslt fixes the following issues : - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. -...
Nokogiri gem contains two upstream vulnerabilities in libxslt 1.1.29
nokogiri version 1.7.2 has been released. This is a security update based on 1.7.1, addressing two upstream libxslt 1.1.29 vulnerabilities classified as "Medium" by Canonical and given a CVSS3 score of "6.5 Medium" and "8.8 High" by RedHat. These patches only apply when using Nokogiri's vendored...
Updated libxslt packages fix security vulnerability
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code CVE-2017-5029...
ALPINE-CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of...
About the security content of iCloud for Windows 6.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Mac OS X Multiple Vulnerabilities (Security Update 2017-001
The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the LibreSSL component due to a flaw in the ECDSA implementation that is triggered whe...
Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-3236-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3236-1 advisory. Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could...
Debian DSA-3810-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2017-5029 Holger Fuhrmannek discovered an integer overflow issue in the libxslt library. - CVE-2017-5030 Brendon Tiszka discovered a memory corruption issue in the v8 JavaScript library. - CVE-2017-5031 Looben Yang...
[SECURITY] [DSA 3810-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3810-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 15, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3810-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5029 Holger Fuhrmannek discovered an integer overflow issue in the libxslt library. CVE-2017-5030 Brendon Tiszka discovered a memory corruption issue in the v8 javascript library. CVE-2017-5031 Looben Yang discover...
FreeBSD : chromium -- multiple vulnerabilities (a505d397-0758-11e7-8d8b-e8e0b747a45a)
Google Chrome Releases reports : 36 security fixes in this release Please reference CVE/URL list for details %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques...
[ASA-201703-4] chromium: multiple issues
Arch Linux Security Advisory ASA-201703-4 ========================================= Severity: Critical Date : 2017-03-11 CVE-ID : CVE-2017-5029 CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5033 CVE-2017-5034 CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5038 CVE-2017-5039 CVE-2017-5040...
CVE-2017-5029
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of...
Google Chrome Security Updates (stable-channel-update-for-desktop-2017-03) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...