6939 matches found
GLSA-201507-08 : libxml2: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201507-08 libxml2: Denial of Service libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string. Impact : A remote attacker may be able to cause Denial of Service via a...
libxml2: Denial of service
Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string. Impact A remote attacker may be able to cause Denial of Service via a specially...
Debian DLA-266-1 : libxml2 security update
This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue...
[SECURITY] [DLA 266-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze12 CVE ID : CVE-2015-1819 Debian Bug : 782782 782985 783010 This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser whi...
DLA-266-1 libxml2 - security update
Bulletin has no description...
FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)
Daniel Veilland reports : Enforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect...
SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2015:0003-1)
This libxml2 update fixes the following security and non-security issues : - Fix a denial of service via recursive entity expansion. CVE-2014-3660, bnc901546, bgo738805 - Fix a regression in xzlib compression support. bnc908376 Note that Tenable Network Security has extracted the preceding...
SUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)
libxml2 has been updated to fix the following security issue : - CVE-2013-0338: libxml2 allowed context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many references to this entity, aka...
[SECURITY] Fedora 20 Update: perl-XML-LibXML-2.0119-1.fc20
This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation...
[SECURITY] Fedora 21 Update: perl-XML-LibXML-2.0119-1.fc21
This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation...
USN-2592-1: XML::LibXML vulnerability
Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information...
[USN-2592-1] XML::LibXML vulnerability
========================================================================== Ubuntu Security Notice USN-2592-1 May 04, 2015 libxml-libxml-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[SECURITY] [DSA 3243-1] libxml-libxml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3243-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 01, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3243-1 (libxml-libxml-perl - security update)
Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...
DSA-3243-1 libxml-libxml-perl - security update
Bulletin has no description...
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the mingw32-libxml2-2.7.6 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the mingw32-libxml2-debuginfo-2.7.6 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...
The vulnerability of the Libxml2 software library for analyzing XML documents lies in the fact that an out-of-bound operation can be executed, allowing an attacker to cause a service failure.
The vulnerability of the Libxml2 software library for analyzing XML documents relates to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...
Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the libxml2 package up to version 2.7.3-r2 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the libxml2-test package for the SUSE Linux Enterprise operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...