libxml2: User-assisted execution of arbitrary code

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description The "xmlStringLenDecodeEntities" function in parser.c contains a boundary error which could possibly cause a heap-based buffer overflow. Impact A remote attacker could entice a user to open a specially...

FreeBSD : libxml2 -- heap buffer overflow (57f1a624-6197-11e1-b98c-bcaec565249c)

Google chrome team reports : Heap-based buffer overflow in libxml2, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libxml2 vulnerability (USN-1376-1)

Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service. Note that Tenable Network Security has extracted the preceding...

USN-1376-1: libxml2 vulnerability

Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service...

RedHat Update for libxml2 RHSA-2012:0324-01

Check for the Version of libxml2 OpenVAS Vulnerability Test RedHat Update for libxml2 RHSA-2012:0324-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for libxml2 RHSA-2012:0324-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[ MDVSA-2012:023 ] libxml2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:023 http://www.mandriva.com/security/ Package : libxml2 Date : February 22, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in libxml2: I...

CentOS 6 : libxml2 (CESA-2012:0324)

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Debian DSA-2417-1 : libxml2 - computational denial of service

It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions...

[SECURITY] [DSA 2417-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2417-1 [email protected] http://www.debian.org/security/ Nico Golde February 22, 2012 http://www.debian.org/security/faq -...

libxml2 security update

CentOS Errata and Security Advisory CESA-2012:0324 Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...

CVE-2012-0841

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data...

RHEL 5 / 6 : libxml2 (RHSA-2012:0324)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0324 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by...

DSA-2417-1 libxml2 - denial of service

Bulletin has no description...

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

libxml2: hash table collisions CPU usage DoS

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data...

libxml2 security update

2.7.6-4.0.1.el62.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4.el62.4 - remove chunk in patch related to configure.in as it breaks rebuild - Resolves: rhbz788845 2.7.6-4.el62.3 - fix previous build to force compilation of...

(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update

The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine KVM hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Re...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: libxml

The remote host is missing an update to the system as announced in the referenced advisory. VID ce4b3af8-0b7c-11e1-846b-00235409fd3e OpenVAS Vulnerability Test $ Description: Auto generated from VID ce4b3af8-0b7c-11e1-846b-00235409fd3e Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...