RHEL 5 / 6 : libxml2 (RHSA-2012:1512)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1512 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found ...

Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64 (20121129)

A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the...

libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

Important: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

libxml2 security update

2.7.6-8.0.1.el63.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-8.el63.4 - fix out of range heap access CVE-2012-5134...

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

DEBIAN-CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

Heap overflow

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

CVE-2012-5134

CVE-2012-5134 is a heap-based buffer underflow in libxml2’s xmlParseAttValueComplex (parser.c) present in libxml2 2.9.0 and earlier, used by Google Chrome up to 23.0.1271.91 and other products. The flaw allows a remote attacker to cause a crash or possibly execute arbitrary code via crafted XML e...

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

Fedora 18 : mod_security-2.7.1-3.fc18 / mod_security_crs-2.2.6-3.fc18 (2012-18278)

Update to 2.7.1 - Update Core rules set to 2.2.6 - Fix build against libxml2 = 2.9 upstreamed - Add some missing directives RHBZ 569360 - Fix multipart/invalid part ruleset bypass issue CVE-2012-4528 RHBZ 867424, 867773, 867774 Note that Tenable Network Security has extracted the preceding...

Medium: libxml2

Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2,...

Mandriva Update for libxslt MDVSA-2012:164 (libxslt)

Check for the Version of libxslt OpenVAS Vulnerability Test Mandriva Update for libxslt MDVSA-2012:164 libxslt Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)

Multiple vulnerabilities has been discovered and corrected in libxslt : Unspecified vulnerability in XSLT allows remote attackers to obtain potentially sensitive information about heap memory addresses via unknown vectors CVE-2011-1202. libxslt 1.1.26 and earlier does not properly manage memory,...

CVE-2012-3489

The xmlparse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content tha...

Xxe

The xmlparse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content tha...

CVE-2012-3489

CVE-2012-3489 affects PostgreSQL’s core server libxml2 support. The issue arises in the libxml2-based parsing path where the xml_parse function can be manipulated via an XML value that references a DTD or an external entity, enabling remote authenticated users to determine the existence of arbitr...

Ubuntu Update for libxml2 USN-1587-1

Ubuntu Update for Linux kernel vulnerabilities USN-1587-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15871.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libxml2 USN-1587-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...