40 matches found
expat: Integer overflow in build_model in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in defineAttribute in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in build_model in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2022-23852
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2022-22824
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2022-22826
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2022-22823
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2021-45960
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...
CVE-2014-5452
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations...
Design/Logic Flaw
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations...
CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file, as demonstrated by the...
CVE-2004-1575
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...
CVE-2004-1575
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...
Security advisory - Xerces-C++ 2.5.0: Attribute blowup
Security Advisory Xerces-C++ 2.5.0: Attribute blowup denial-of-service Author: Amit Klein Release Date: October 2nd, 2004 Description: An attacker can craft a malicious XML document, which uses XML attributes in a way that inflicts a denial of service condition on the target machine XML parser. T...
xerces-c2 -- Attribute blowup denial-of-service
Amit Klein reports about Xerces-C++: An attacker can craft a malicious XML document, which uses XML attributes in a way that inflicts a denial of service condition on the target machine XML parser. The result of this attack is that the XML parser consumes all the CPU...