2722 matches found
CVE-2004-2244
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service CPU and memory consumption via a SOAP message containing a...
CVE-2004-2244
The CVE-2004-2244 entry affects Oracle XML parsing in Oracle Application Server Release 2 (9i) and Database Server Release 2, across multiple versions (9.0.3.0/9.0.3.1, 9.0.2.3 and earlier, Release 1 1.0.2.x, and 9.2.0.1 and later). It describes a denial-of-service condition triggered by processi...
CVE-2004-1575
CVE-2004-1575 affects Xerces-C++ 2.5.0, where the XML parser can be induced to consume CPU (DoS) by crafted XML attributes. Public references (NVD/NIST, CVE records) classify the impact as a Denial of Service with a base score of 5.0 (Medium). Connected sources corroborate that the DoS arises fro...
CVE-2004-1378
The expat XML parser code, as used in the open source Jabber jabberd 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service application crash via a malformed packet to a socket that accepts XML connections...
CVE-2004-1378
The CVE-2004-1378 issue affects jabberd (open-source Jabber server) up to version 1.4.3 and earlier, where the embedded expat XML parser can be exploited by a malformed XML packet received on an XML-capable socket to trigger an application crash (DoS). Affected components include jabberd 1.4.3 an...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document. Remediation There is no fixed version for xerces-c. References ...
CVE-2004-1575
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...
CVE-2004-2244
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service CPU and memory consumption via a SOAP message containing a...
Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS
//////////////////////////////////////////////////////////////////// //==================== Security Advisory =====================// //////////////////////////////////////////////////////////////////// -------------------------------------------------------------------- ----- IIS 5.x/6.0 WebDAV...
CVE-2004-1378
The expat XML parser code, as used in the open source Jabber jabberd 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service application crash via a malformed packet to a socket that accepts XML connections...
jabberd -- denial-of-service vulnerability
José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotly crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...
EUVD-2002-1507
Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...
CVE-2002-1524
Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...
Multiple vendor SOAP server (XML parser) denial of service (DTD parameter entities)
/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...
Multiple Vendor SOAP server (XML parser) attribute blowup DoS
/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...
CVE-2002-1524
Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...
WinAmp XML parser buffer overflow
Buffer overflow on .WAL files parsing...
CVE-2002-2366
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml...
Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD
/////////////////////////////////////////////////////////////////////// ======================== Security Advisory ======================== /////////////////////////////////////////////////////////////////////// -------------------------------------------------------------------- Multiple vendors...
IIL Advisory: Winamp 3 (1.0.0.488) XML parser buffer overflow vulnerability
Illegal Instruction Labs Advisory ------------------------------------------------------------------------ Advisory name: Winamp 3 1.0.0.488 XML parser buffer overflow vulnerability Application: Winamp 3 1.0.0.488 Homepage: www.winamp.com Impact: There is a buffer overflow inside XML parser DLL...