DEBIAN-CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

CVE-2009-2414

CVE-2009-2414 and CVE-2009-2416 affect libxml2/libxml (legacy 2.5.10/2.6.x and libxml1 1.8.17). CVE-2009-2414 is a stack-growth/recursion issue in DTD processing (depth of element declarations) leading to DoS via application crash; CVE-2009-2416 involves use-after-free via crafted Notation or Enu...

CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

mingw32-libxml2: Stack overflow by parsing root XML element DTD definition

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the...

Mandriva Linux Security Advisory : libexif (MDVSA-2008:005)

An infinite recursion flaw was found in the way that libexif parses Exif image tags. A carefully crafted Exif image file opened by an application linked against libexif could cause the application to crash CVE-2007-6351. An integer overflow flaw was also found in how libexif parses Exif image tag...

Mandriva Update for libexif MDVSA-2008:005 (libexif)

Check for the Version of libexif OpenVAS Vulnerability Test Mandriva Update for libexif MDVSA-2008:005 libexif Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Ubuntu Update for kdegraphics, koffice, poppler vulnerability USN-410-1

Ubuntu Update for Linux kernel vulnerabilities USN-410-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4101.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for kdegraphics, koffice, poppler vulnerability USN-410-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks...

RedHat Update for libexif RHSA-2007:1165-01

Check for the Version of libexif OpenVAS Vulnerability Test RedHat Update for libexif RHSA-2007:1165-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mozilla / Firefox / Firebird / Netscape array overflow

Array ovrflow on high marquee tag recursion level...

DoS against multiple e-mail applications and anti-viruses

MIME messages with large recursion level may cause application to hang or crash...

GLSA-200812-06 : libxml2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200812-06 libxml2: Multiple vulnerabilities Multiple vulnerabilities were reported in libxml2: Andreas Solberg reported that libxml2 does not properly detect recursion during entity expansion in an attribute value CVE-2008-3281. A...

ClamAV antivirus JPEG files DoS

Endless recursion on malformed JPEG file processing...

dns-recursion NSE Script

Checks if a DNS server allows queries for third-party names. It is expected that recursion will be enabled on your own internal nameservers. Example Usage nmap -sU -p 53 --script=dns-recursion Script Output PORT STATE SERVICE REASON 53/udp open domain udp-response |dns-recursion: Recursion appear...

FreeBSD Ports: libxml2

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fedora 8 : libxml2-2.6.32-2.fc8 (2008-7724)

Mon Aug 25 2008 Daniel Veillard 2.6.31-2.fc8 - fix for entities recursion problem - Resolve: rhbz459712 - Fri Apr 11 2008 Daniel Veillard 2.6.32-1.fc8 - upstream release 2.6.32 see http://xmlsoft.org/news.html - many bugs fixed upstrea - Fri Jan 11 2008 Daniel Veillard 2.6.31-1.fc8 - upstream...

Fedora 9 : libxml2-2.6.32-3.fc9 (2008-7395)

Mon Aug 25 2008 Daniel Veillard 2.6.31-3.fc9 - fix for entities recursion problem - Resolve: rhbz459713 - Thu May 15 2008 Daniel Veillard 2.6.31-2.fc9 - try to fix multiarch problems like 440206 Note that Tenable Network Security has extracted the preceding description block directly from the...

FreeBSD Ports: bind

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: powerdns

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: powerdns

The remote host is missing an update to the system as announced in the referenced advisory. VID 43a7b0a7-f9bc-11d9-b473-00061bc2ad93 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVE-2003-1564

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, aka the "billion laughs...