6942 matches found
USN-2812-1 libxml2 vulnerability | Cloud Foundry
USN-2812-1 libxml2 vulnerability Medium Vendor libxml2 Versions Affected Ubuntu 14.04 Description Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause...
Fedora Update for libxml2 FEDORA-2015-037
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-355-1 : libxml2 security update
CVE-2015-8241 Buffer overread with XML parser in xmlNextChar CVE-2015-8317 - issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors. - ...
[SECURITY] [DLA 355-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze15 CVE ID : CVE-2015-8241 CVE-2015-8317 Debian Bug : 806384 CVE-2015-8241 Buffer overread with XML parser in xmlNextChar CVE-2015-8317 - issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the...
DLA-355-1 libxml2 - security update
Bulletin has no description...
Mageia: Security Advisory (MGASA-2015-0457)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
MGASA-2015-0457 Updated libxml2 packages fix security vulnerabilities
Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...
Updated libxml2 packages fix security vulnerabilities
Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...
CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...
CVE-2015-7497
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors...
CVE-2015-5312
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability than CVE-2014-3660...
UBUNTU-CVE-2015-5312
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability than CVE-2014-3660...
UBUNTU-CVE-2015-7497
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors...
UBUNTU-CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...
UBUNTU-CVE-2015-7499
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...
UBUNTU-CVE-2015-7500
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via unspecified vectors related to incorrect entities boundaries and start tags...
FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)
reports : CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...
CVE-2015-8317
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an 1 unterminated encoding value or 2 incomplete XML declaration in XML data, which triggers an out-of-bounds heap read...
UBUNTU-CVE-2015-8317
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an 1 unterminated encoding value or 2 incomplete XML declaration in XML data, which triggers an out-of-bounds heap read...