9 matches found
USN-3271-1: Libxslt vulnerabilities
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code. CVE-2017-5029 Nicolas Gregoire discovere...
Updated xalan-j2 packages fix CVE-2014-0107
Updated xalan-j2 packages fix security vulnerability: Nicolas Gregoire discovered several vulnerabilities in libxalan2-java. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution CVE-2014-0107...
[SECURITY] [DSA 2654-1] libxslt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2654-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 03, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2654-1 (libxslt - denial of service)
Nicolas Gregoire discovered that libxslt, an XSLT processing runtime library, is prone to denial of service vulnerabilities via crafted XSL stylesheets. OpenVAS Vulnerability Test $Id: deb2654.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2654-1 using nvtgen 1.0 Scrip...
Debian DSA-2400-1 : iceweasel - several vulnerabilities
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. - CVE-2011-3670 Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting i...
OpenSLP 1.2.1 1647 trunk - Denial of Service
OpenSLP 1.2.1 1647 trunk - Denial of Service !/usr/bin/python Title: OpenSLP DoS Author: Nicolas Gregoire @AgarriFR CVE: 2010-3609 Software download: http://www.openslp.org/download.html Version: v1.2.1 and trunk before revision 1647 Tested on: Linux Ubuntu 10.04, VMware ESX 4.0 Notes: It affects...
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service
!/usr/bin/python Title: OpenSLP DoS Author: Nicolas Gregoire @AgarriFR CVE: 2010-3609 Software download: http://www.openslp.org/download.html Version: v1.2.1 and trunk before revision 1647 Tested on: Linux Ubuntu 10.04, VMware ESX 4.0 Notes: It affects some others SLP softwares, like mSLP. More...
RHEL 4 / 5 : xmlsec1 (RHSA-2011:0486)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0486 advisory. The XML Security Library is a C library based on libxml2 and OpenSSL that implements the XML Digital Signature and XML Encryption standards. A fl...
VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
a. Service Location Protocol daemon DoSThis patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon SLPD. Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.VMware would like to thank Nicolas Gregoire and US CERT for reporting th...