[SECURITY] Fedora 17 Update: python-feedparser-5.1.2-2.fc17

Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...

CVE-2007-2726

BitsCast 0.13.0 allows remote attackers to cause a denial of service application crash via an RSS 2.0 feed item with certain invalid strings in a pubDate element, as demonstrated by repeated "../A" or "A/../" patterns...

Design/Logic Flaw

BitsCast 0.13.0 allows remote attackers to cause a denial of service application crash via an RSS 2.0 feed item with certain invalid strings in a pubDate element, as demonstrated by repeated "../A" or "A/../" patterns...

CVE-2007-2726

BitsCast 0.13.0 allows remote attackers to cause a denial of service application crash via an RSS 2.0 feed item with certain invalid strings in a pubDate element, as demonstrated by repeated "../A" or "A/../" patterns...

CVE-2007-2726

CVE-2007-2726 affects BitsCast 0.13.0. The vulnerability arises in RSS 2.0 feed item parsing, where certain invalid strings in a pubDate element (for example, patterns like "../A" or "A/../") can cause the application to crash, yielding a denial of service. The available sources (NVD/CVE pages) c...

bitscast-dos.txt

BitsCast 0.13.0 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 BitsCast crashes when receiving a RSS 2.0 feed item with a invalid string in sub-element 'pubDate'. '../A' x 8, 'A/../' x 8, and others. PoC: Test Remote DoS PoC ../A../A../A../A../A../A../A../A../A../A../A../A...

newzcrawler-dos.txt

NewzCrawler 1.8 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 NewzCrawler 1.8 becomes usntable and begin crash when parsering the 'url' atribute of 'enclosure' sub-element contends some invalid string at time of show a new item of a RSS 2.0 file. '%s', '%Y', '%%', 'n,', and other...

NewzCrawler 1.8 (invalid string) Remote Denial of Service Exploit

No description provided by source. NewzCrawler 1.8 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 NewzCrawler 1.8 becomes usntable and begin crash when parsering the 'url' atribute of 'enclosure' sub-element contends some invalid string at time of show a new item of a RSS 2.0 file...

NewzCrawler 1.8 - invalid string Remote Denial of Service

NewzCrawler 1.8 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 NewzCrawler 1.8 becomes usntable and begin crash when parsering the 'url' atribute of 'enclosure' sub-element contends some invalid string at time of show a new item of a RSS 2.0 file. '%s', '%Y', '%%', 'n,', and...

BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit

No description provided by source. BitsCast 0.13.0 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 BitsCast crashes when receiving a RSS 2.0 feed item with a invalid string in sub-element 'pubDate'. '../A' x 8, 'A/../' x 8, and others. PoC: ?xml version="1.0"? rss version="2.0"...

BitsCast 0.13.0 - invalid string Remote Denial of Service

BitsCast 0.13.0 - invalid string Remote Denial of Service BitsCast 0.13.0 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 BitsCast crashes when receiving a RSS 2.0 feed item with a invalid string in sub-element 'pubDate'. '../A' x 8, 'A/../' x 8, and others. PoC: Test Remote DoS Po...

BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ================================================================= BitsCast 0.13.0 invalid string Remote Denial of Service Exploit ================================================================= BitsCast 0.13.0 Remote Denial of Service Credits:...

NewzCrawler 1.8 - invalid string Remote Denial of Service

NewzCrawler 1.8 - invalid string Remote Denial of Service NewzCrawler 1.8 Remote Denial of Service Credits: gbr Tested on Windows XP SP2 NewzCrawler 1.8 becomes usntable and begin crash when parsering the 'url' atribute of 'enclosure' sub-element contends some invalid string at time of show a...