17 matches found
[SECURITY] Fedora 43 Update: expat-2.8.1-1.fc43
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 44 Update: mingw-expat-2.8.1-1.fc44
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
SUSE CVE-2009-1232
Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service memory corruption via an XML document composed of a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 3.0.10 and earlier are also affected...
SUSE CVE-2009-1234
Opera 9.64 allows remote attackers to cause a denial of service application crash via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected...
Denial-of-Service (DoS)
libxml2.so is vulnerable to denial of service attack. This is due to incorrect entity boundaries and start tags which could lead to out-of-bounds heap read in the xmlParseMisc function in parser.c, allowing a context-dependent attacker to cause a denial of service condition...
Out-of-bounds
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via unspecified vectors related to incorrect entities boundaries and start tags...
CVE-2015-7500
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via unspecified vectors related to incorrect entities boundaries and start tags...
UBUNTU-CVE-2015-7500
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via unspecified vectors related to incorrect entities boundaries and start tags...
DEBIAN-CVE-2010-1677
MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...
CVE-2010-1677
MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...
Design/Logic Flaw
MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...
CVE-2010-1677
MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...
CVE-2010-1677
MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...
Opera 10.10 - XML Parser Denial of Service (PoC)
Opera 10.10 - XML Parser Denial of Service PoC From tiny islands of maldivies d3b4g.info Tested: version 10.10 Tested on windows XP SP3 20-01-2010 special thanks to peter Van Eeckhoutte after opening the opera.html broswer hang for a while and crush.same bug in firefox too :d This vulnerability...
CVE-2009-2668
Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16473 allows remote attackers to cause a denial of service CPU consumption via an XML document composed of a long series of start-tags with no corresponding end-tags, a related issue to CVE-2009-1232...
CVE-2009-1232
Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service memory corruption via an XML document composed of a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 3.0.10 and earlier are also affected...
CVE-2009-1234
Opera 9.64 allows remote attackers to cause a denial of service application crash via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected...