Debian: Security Advisory (DSA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2075-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently...

DSA-2075-1 xulrunner - several vulnerabilities

Bulletin has no description...

CVE-2009-4776

Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to have an unknown impact via vectors relate...

Microsoft Internet Explorer memory corruption

Memory corruption on XML/HTML processing...

Adobe BlazeDS XML Processing Information Disclosure (APSB10-05; CVE-2009-3960)

Adobe BlazeDS is the server-based Java remoting and web messaging technology that enables developers to connect to back-end distributed data and push data in real-time to Adobe Flex and Adobe AIR applications. An information disclosure vulnerability has been identified in Adobe BlazeDS. The...

Multiple Products libxml2 XML File Processing Entity Name Buffer Overflow (CVE-2008-3529)

A vulnerability has been reported in libxml2 that could allow remote attackers to execute arbitrary code on the vulnerable system.The vulnerability is due to a boundary error within the Libxml2, specifically in the way libxml2 handles long XML entity names. Remote attackers could exploit this...

[SECURITY] Fedora 11 Update: python-4Suite-XML-1.0.2-8.fc11

4Suite-XML is a suite of Python modules for XML and RDF processing. Its major components include the following: Ft.Xml.Domlette: A very fast, lightweight XPath-oriented DOM. Ft.Xml.XPath: An XPath 1.0 implementation for Domlette documents. Ft.Xml.Xslt: A robust XSLT 1.0 processor. Ft.Lib: Various...

[SECURITY] Fedora 10 Update: python-4Suite-XML-1.0.2-8.fc10

4Suite-XML is a suite of Python modules for XML and RDF processing. Its major components include the following: Ft.Xml.Domlette: A very fast, lightweight XPath-oriented DOM. Ft.Xml.XPath: An XPath 1.0 implementation for Domlette documents. Ft.Xml.Xslt: A robust XSLT 1.0 processor. Ft.Lib: Various...

RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0790)

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The IBM 1.5.0 Java release includes the IBM Java 2...

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility

Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability that allows unauthorized access through a zip file scanning API. Impact Unauthorized access may be done when loading and scanning an external zip file. Solution Please refer to the 'Vendor...

ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability

ZDI-08-078: Trillian IMG SRC ID Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-078 December 4, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- Vulnerability Details: This vulnerability allows remote attackers to...

ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability

ZDI-08-079: Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-079 December 4, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- Vulnerability Details: This vulnerability allows remote...

Trillian多个远程内存破坏漏洞

BUGTRAQ ID: 32645 Trillian是一个聊天程序，和多种即时通讯程序使用相同的接口，包括AIM、ICQ、Yahoo! Messenger、MSN Messenger和IRC。 Trillian的XML处理代码在处理畸形的XML标签时没有分配充足的空间，将其拷贝到新分配的缓冲区时可能会用攻击者提供的数据覆盖堆结构；此外XML处理代码在处理特殊格式的xml时可能会破坏内部数据结构，之后在释放这个数据结构时应用程序会多次释放单个块，这可能导致执行任意指令。...

Trillian < 3.1.12.0 Multiple Vulnerabilities

Binary data 4778.prm...

Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the...

Trillian IMG SRC ID Memory Corruption Vulnerability

This vulnerability allows remote attackers to potentially execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing specially...

Mozilla parsing error in E4X default namespace

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X...

OpenJDK JAX-WS unauthorized URL access (6542088)

Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application...

security flaw

Unspecified vulnerability in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted 1 application or 2 applet, a different...