6939 matches found
Moderate: Red Hat Security Advisory: libxml2 security update
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
RHEL 7 : libxml2 (RHSA-2015:0749)
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
Mandriva Linux Security Advisory : libxml2 (MDVSA-2015:111)
Updated libxml2 packages fix security vulnerabilities : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote...
Debian DLA-151-1 : libxml2 security update
It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled. In addition, this update addresses a regression introduced in DSA 3057 b...
Debian DLA-80-1 : libxml2 security update
Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service...
Debian DLA-16-1 : libxml2 security update
Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible...
[SECURITY] [DLA 151-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze11 CVE ID : CVE-2014-0191 CVE-2014-3660 Debian Bug : 768089 It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity...
DLA-151-1 libxml2 - security update
Bulletin has no description...
[SECURITY] [DSA 2978-2] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2978-2 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 06, 2015 http://www.debian.org/security/faq -...
DSA-2978-2 libxml2 - security update
Bulletin has no description...
VMware ESXi updates address security issues (VMSA-2015-0001) - Remote Version Check
VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
VMware ESXi updates address security issues (VMSA-2015-0001)
VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMSA-2015-0001 : VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues (POODLE)
a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege...
KLA10452 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to file write can be exploited locally; 2. Improper input validation...
Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669)
According to its self-reported version number, the remote Junos device is affected by multiple vulnerabilities in the libxml2 library : - A heap-based buffer overflow vulnerability exists which can result in arbitrary code execution. CVE-2011-1944 - A denial of service vulnerability exists which...
Design/Logic Flaw
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...
CVE-2014-0191
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...
CVE-2014-0191
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...
CVE-2014-0191
CVE-2014-0191 affects libxml2 up to version 2.9.1, where xmlParserHandlePEReference can load external parameter entities even when entity substitution or validation is disabled. This vulnerability can be exploited by processing crafted XML to cause resource consumption and denial of service in af...
CVE-2014-0191
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...