107 matches found
CVE-2021-21830
AT&T Labs Xmill 0.7 contains a heap-based buffer overflow in the XML Decompression LabelDict::Load path that can be triggered by a crafted XMI file, leading to remote code execution. CVE-2021-21830 is the assigned identifier for this vulnerability, with Red Hat and CVE listings reiterating the sa...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in AT&T Labs Xmill due to a boundary error in the xml parsing ParseAttribs function. A remote attacker could exploit the vulnerability could send a specially crafted XML file,...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A buffer error vulnerability exists in AT&T Labs Xmill due to a boundary error in the command line parsing HandleFileArg function in memcpy. A local user can use a specially crafted command line argument to...
AT&T Labs Xmill 参数注入漏洞
AT&T Labs Xmill is a new tool for efficient compression of XML data from AT&T Labs, USA. AT&T Labs Xmill suffers from a parameter injection vulnerability that exists due to a boundary error in the command line parsing HandleFileArg function in strlen. A local user can use a specially crafted...
AT&T Labs Xmill 缓冲区错误漏洞
Xmill is an efficient compressor of XML data. a stack buffer overflow vulnerability exists in the command line parsing HandleFileArg function in Xmill version 0.7. An attacker could exploit the vulnerability by providing malicious input via the filepattern parameter to cause a denial of service...
AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability
Summary A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T Labs Xmill 0...
AT&T Labs Xmill 数字错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs. A numeric error vulnerability exists in AT&T Labs Xmill that stems from a memory corruption vulnerability in the parsing CreateLabelOrAttrib function. A specially crafted XML file could result in a heap buffer...
Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility
Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in AT&T Labs’ Xmill utility. An attacker could take advantage of these issues to carry out a variety of malicious actions, including corrupting the... This is...
AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities
Summary Multiple heap-based buffer overflow vulnerabilities exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. A specially crafted XMI File can lead to remote code execution. An attacker can provide a malicious file to trigger these vulnerabilities. Tested...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...
PT-2021-7815 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: The issue is related to a heap-based buffer overflow error in the PlainTextUncompressor::UncompressItem function when handling XML files. This can be exploited by a remote attacker to execute arbitrary code by...
PT-2021-7820 · At&T · At&T Labs Xmill
Name of the Vulnerable Software and Affected Versions: AT&T Labs Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression DecodeTreeBlock functionality. Within DecodeTreeBlock, which is called during the decompression of an XMI file, a UINT32 is loaded fro...
AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...
PT-2021-7823 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill affected versions not specified Description: The issue is related to a memory boundary error in the HandleFileArg function of the Xmill XML compression tool when processing an XML file. This can be exploited by a local attacker to execu...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem function in AT&T Labs Xmill version 0.7. An attacker could exploit the vulnerability to remotely execute code...
AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficient compression of XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression LabelDict::Load function in AT&T Labs Xmill version 0.7. An attacker could exploit the vulnerability to remotely execute code...
AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T La...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...
PT-2021-7814 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A memory corruption issue exists in the XML-parsing CreateLabelOrAttrib functionality. This can be triggered by a specially crafted XML file, leading to a heap buffer overflow. An attacker can exploit this by...