75 matches found
Mageia: Security Advisory (MGASA-2019-0159)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0103)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated mxml packages fix security vulnerabilities
Updated mxml packages fix security vulnerabilities: An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml CVE-2018-2000...
MGASA-2019-0159 Updated mxml packages fix security vulnerabilities
Updated mxml packages fix security vulnerabilities: An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml CVE-2018-2000...
Fedora Update for mxml FEDORA-2019-f99619e34d
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : mxml (2019-4182dd32eb)
Update to 3.0. License has changed to ASL 2.0 + exception. See https://github.com/michaelrsweet/mxml/releases/tag/v3.0 for more info. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
Fedora Update for mxml FEDORA-2019-d333d01e08
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 28 Update: mxml-3.0-1.fc28
Mini-XML is a small XML parsing library that you can use to read XML and XML-like data files in your application without requiring large non-standard libraries...
Fedora 28 : mxml (2019-d333d01e08)
Update to 3.0. License has changed to ASL 2.0 + exception. See https://github.com/michaelrsweet/mxml/releases/tag/v3.0 for more info. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
Debian DLA-1641-1 : mxml security update
Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files. CVE-2016-4570 The mxmlDelete function in mxml-node.c allows remote attackers to cause a denial of service stack consumption via crafted xml file. CVE-2016-4571 The mxmlwritenode function in...
[SECURITY] [DLA 1641-1] mxml security update
Package : mxml Version : 2.6-2+deb8u1 CVE ID : CVE-2016-4570 CVE-2016-4571 CVE-2018-20004 Debian Bug : 825855 918007 Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files. CVE-2016-4570 The mxmlDelete function in mxml-node.c allows remote attackers to...
DLA-1641-1 mxml - security update
Bulletin has no description...
Debian: Security Advisory (DLA-1641-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mini-XML Denial of Service Vulnerability
Mini-XML also known as mxml is a small XML parser developed using the C language . A denial of service vulnerability exists in the 'mxmlAdd' function of the mxml-node.c file in Mini-XML version 2.12. A remote attacker can exploit this vulnerability with a specially crafted xml file to cause a...
CVE-2018-20592
In Mini-XML aka mxml v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc...
Design/Logic Flaw
In Mini-XML aka mxml v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc...
CVE-2018-20592
In Mini-XML aka mxml v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc...
CVE-2018-20593
CVE-2018-20593 affects Mini-XML (mxml) 2.12, with a stack-based buffer overflow in the scan_file function of mxmldoc.c. Connected advisories confirm the issue across multiple distributions and track a set of related CVEs (CVE-2018-20004, -20005, -20592, -20593), indicating the vulnerability arise...
CVE-2018-20592
CVE-2018-20592 affects Mini-XML (mxml) 2.12, with a use-after-free in mxmlAdd in mxml-node.c that can cause denial of service via a crafted XML file (as shown by mxmldoc). Connected sources indicate fixes in newer mxml releases (e.g., Fedora/Mageia advisories referencing updates to v3.0 and relat...
CVE-2018-20593
In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...