6932 matches found
[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution
Debian Security Advisory DSA 455-1 [email protected] http://www.debian.org/security/ Martin Schulze March 3rd, 2004 http://www.debian.org/security/faq ...
CVE-2004-0110
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
CVE-2004-0110
The CVE-2004-0110 issue is a real vulnerability in libxml (XMLSoft Libxml2) affecting versions 2.6.0–2.6.5, where a long URL can trigger a buffer overflow in the nanohttp/nanoftp URL parsing paths, enabling remote arbitrary code execution. Related CVEs (CVE-2004-0989) cover buffer overflows in FT...
libxml2 long URL causes SEGV
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
Moderate: Red Hat Security Advisory: libxml2 security update
Updated libxml2 packages that fix an overflow when parsing remote resources are now available. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing...
Moderate: Red Hat Security Advisory: Updated libxml2 packages fix security vulnerability
Updated libxml2 packages that fix an overflow when parsing remote resources are now available. [Updated 3 March 2004] Revised libxml2 packages are now available as the original packages did not contain a complete patch. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a...
libxml2 stack buffer overflow in URI parsing
Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...
CVE-2003-1564
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs...
ROS-2-1659
2.1659 Denial of Service in Libxml2 (CVE-2021-3541) 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-1367
2.1367 Denial of Service in Libxml2 (CVE-2021-3541) 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-2168
2.2168 Denial of Service in Libxml2 (CVE-2021-3541) 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...