Lucene search
K

40 matches found

RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.6 views

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03404EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.4 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03404EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 4:37 p.m.4 views

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03404EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2022/01/24 8:21 p.m.45 views

CVE-2022-23852

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS2.1AI score0.04525EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/01/24 5:32 p.m.60 views

CVE-2022-22824

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS2.1AI score0.03404EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/01/24 5:32 p.m.39 views

CVE-2022-22826

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

8.8CVSS2.1AI score0.02801EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/01/24 5:32 p.m.43 views

CVE-2022-22823

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS2.1AI score0.03404EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/01/24 4:55 p.m.50 views

CVE-2021-45960

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...

9CVSS1.1AI score0.04234EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/04/21 2:58 p.m.9 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5CVSS7.3AI score0.038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/21 2:58 p.m.5 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5CVSS7.3AI score0.038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/21 2:42 p.m.9 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5CVSS7.3AI score0.038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/20 7:35 p.m.4 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5CVSS7.3AI score0.038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/20 7:34 p.m.8 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5CVSS7.3AI score0.038EPSS
Exploits0References5
NVD
NVD
added 2014/09/02 10:55 a.m.16 views

CVE-2014-5452

CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations...

4.3CVSS5.9AI score0.0205EPSS
Exploits1References6
Prion
Prion
added 2014/09/02 10:55 a.m.10 views

Design/Logic Flaw

CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations...

4.3CVSS6.3AI score0.0205EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2009/08/11 6:30 p.m.6 views

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...

6.5CVSS6.7AI score0.03121EPSS
Exploits2References40
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.26 views

CVE-2004-1575

The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...

6.4AI score0.06192EPSS
Exploits0References4
NVD
NVD
added 2004/12/31 5:0 a.m.27 views

CVE-2004-1575

The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...

5CVSS6.5AI score0.06192EPSS
Exploits0References4
securityvulns
securityvulns
added 2004/10/04 12:0 a.m.24 views

Security advisory - Xerces-C++ 2.5.0: Attribute blowup

Security Advisory Xerces-C++ 2.5.0: Attribute blowup denial-of-service Author: Amit Klein Release Date: October 2nd, 2004 Description: An attacker can craft a malicious XML document, which uses XML attributes in a way that inflicts a denial of service condition on the target machine XML parser. T...

1.9AI score
Exploits0
FreeBSD
FreeBSD
added 2004/10/02 12:0 a.m.11 views

xerces-c2 -- Attribute blowup denial-of-service

Amit Klein reports about Xerces-C++: An attacker can craft a malicious XML document, which uses XML attributes in a way that inflicts a denial of service condition on the target machine XML parser. The result of this attack is that the XML parser consumes all the CPU...

4.4AI score
Exploits0References1
Rows per page
Query Builder