6939 matches found
OracleVM 3.3 : libxml2 (OVMSA-2014-0031)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball - CVE-2014-3660 denial of service via recursive entity expansion rhbz1149085 - Fix a set of regressio...
OracleVM 2.1 : libxml2 (OVMSA-2009-0018)
The remote OracleVM system is missing necessary patches to address critical security updates : - Add bug347316.patch to backport fix for bug347316 from upstream version - Add libxml2-enterprise.patch and update logos in tarball - Fix a couple of crash CVE-2009-2414, CVE-2009-2416 - Resolves:...
Fedora 19 : libxml2-2.9.1-2.fc19 (2014-13047)
New variants for the billion laugh DOS attacks Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for libxml2 FEDORA-2014-13047
Check the version of libxml2 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868508";...
RHEL 5 : libxml2 (RHSA-2014:1885)
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
Scientific Linux Security Update : libxml2 on SL5.x i386/x86_64 (20141120)
A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service bas...
Oracle Linux 5 : libxml2 (ELSA-2014-1885)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-1885 advisory. - CVE-2014-3660 denial of service via recursive entity expansion rhbz1161841 Tenable has extracted the preceding description block directly from the Oracle Linu...
CentOS 5 : libxml2 (CESA-2014:1885)
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
libxml2 security update
CentOS Errata and Security Advisory CESA-2014:1885 Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...
libxml2: denial of service via recursive entity expansion
A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service bas...
Moderate: Red Hat Security Advisory: libxml2 security update
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
libxml2 security update
2.6.26-2.1.25.0.1.el511 - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image 2.6.26-2.1.25.el5 - CVE-2014-3660 denial of service via recursive entity expansion rhbz1161841 2.6.26-2.1.24.el5 - fixed one regexp bug and added a rhbz922450 - Another small change on t...
Amazon Linux AMI : libxml2 (ALAS-2014-444)
A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service bas...
SuSE 11.3 Security Update : libxml2 (SAT Patch Number 9914)
This update fixes a denial of service via recursive entity expansion. CVE-2014-3660 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if NASLLEVEL...
Medium: libxml2
Issue Overview: A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denia...
AIX 7.1 TL 3 : bos.rte.control (U862099)
The remote host is missing AIX PTF U862099, which is related to the security of the package bos.rte.control. Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the xmlParserHandlePEReference. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...
CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...
DEBIAN-CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...
Privilege escalation
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...