
6932 matches found

Debian
added 2004/03/04 10:22 a.m. | 58 views

[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution

Debian Security Advisory DSA 455-1 | [email protected] | http://www.debian.org/security/ | Martin Schulze | March 3rd, 2004 | http://www.debian.org/security/faq ...

CVSS 7.5 | AI score 0.8 | EPSS 0.24232
Exploits: 0
Cvelist
added 2004/03/04 5:0 a.m. | 21 views

CVE-2004-0110

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allows remote attackers to execute arbitrary code via a long URL...

AI score 6.8 | EPSS 0.24232
Exploits: 0 | References: 18
CVE
added 2004/03/04 5:0 a.m. | 77 views

CVE-2004-0110

The CVE-2004-0110 issue is a real vulnerability in libxml (XMLSoft Libxml2) affecting versions 2.6.0–2.6.5, where a long URL can trigger a buffer overflow in the nanohttp/nanoftp URL parsing paths, enabling remote arbitrary code execution. Related CVEs (CVE-2004-0989) cover buffer overflows in FT...

CVSS 7.5 | AI score 6.8 | EPSS 0.24232
Exploits: 0 | References: 18 | Affected Software: 3
RedHat Linux
added 2004/02/26 8:38 p.m. | 5 views

libxml2 long URL causes SEGV

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allows remote attackers to execute arbitrary code via a long URL...

CVSS 7.5 | AI score 6.3 | EPSS 0.24232
Exploits: 0 | References: 4
RedHat Linux
added 2004/02/26 8:38 p.m. | 34 views

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix an overflow when parsing remote resources are now available. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing...

CVSS 7.5 | AI score 6.4 | EPSS 0.24232
Exploits: 0 | References: 2
RedHat Linux
added 2004/02/26 7:36 a.m. | 3 views

Moderate: Red Hat Security Advisory: Updated libxml2 packages fix security vulnerability

Updated libxml2 packages that fix an overflow when parsing remote resources are now available. [Updated 3 March 2004] Revised libxml2 packages are now available as the original packages did not contain a complete patch. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a...

CVSS 7.5 | AI score 6.4 | EPSS 0.24232
Exploits: 0 | References: 1
FreeBSD
added 2004/02/08 12:0 a.m. | 38 views

libxml2 stack buffer overflow in URI parsing

Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...

CVSS 7.5 | AI score 7.2 | EPSS 0.24232
Exploits: 0 | References: 2
UbuntuCve
added 2003/12/31 5:0 a.m. | 60 views

CVE-2003-1564

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs...

CVSS 9.3 | AI score 6.8 | EPSS 0.01619
Exploits: 0 | References: 1
NVD
added 2003/12/31 5:0 a.m. | 33 views

CVE-2003-1564

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs...

CVSS 9.3 | AI score 6.8 | EPSS 0.01619
Exploits: 0 | References: 6
Redos
added 1976/01/01 12:0 a.m. | 14 views

ROS-2-1659

2.1659 Denial of Service in Libxml2 (CVE-2021-3541). 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

CVSS 6.5 | AI score 7.5 | EPSS 0.01861
Exploits: 0
Redos
added 1976/01/01 12:0 a.m. | 15 views

ROS-2-1367

2.1367 Denial of Service in Libxml2 (CVE-2021-3541). 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

CVSS 6.5 | AI score 7.9 | EPSS 0.01861
Exploits: 0
Redos
added 1976/01/01 12:0 a.m. | 6 views

ROS-2-2168

2.2168 Denial of Service in Libxml2 (CVE-2021-3541). 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

CVSS 6.5 | AI score 8.8 | EPSS 0.01861
Exploits: 0