63 matches found
EUVD-2020-0517
Malware in sbrugna...
EUVD-2012-5084
Malware in sbrugna...
EUVD-2024-18072
Malicious code in bioql PyPI...
Medium: xerces-j2
Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions. (CVE-2012-0881) There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when...
How to Change XML Service Port When Not Using Default Port
This article describes how to change the XML service port if you are not using the default port in XenDesktop 7.x. and CVAD...
CITRIX-XML-SERVICE NetScaler Monitor Fails after Installing XenApp 6 Hotfix Rollup Pack 02
The CITRIX-XML-SERVICE NetScaler built-in monitor fails after Hotfix Rollup Pack 2 for Citrix XenApp 6 for Microsoft Windows Server 2008 R2 is installed. However, XenApp continues to work. The following message appears when you view the monitor. "Failure – TicketTag not found in the response" Wit...
XenApp Error: Citrix Servers Reported That They are Too Busy to Provide Access to the Selected Resource
On attempting to launch any published application from a XenApp 6.0 server, the server reports that it is too busy to provide access to the selected resource. The application event log contains the following entry: The Citrix servers reported that they are too busy to provide access to the select...
CVE-2024-20357
Cisco CVE-2024-20357 affects multiple Cisco IP Phone series (6800/7800/8800, and related firmware) where XML request parsing lacks proper bounds checking. An unauthenticated, remote attacker could craft XML to trigger calls or play sounds on the device. Root cause is improper bounds-checking duri...
CVE-2024-20357
A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to initiate phone calls on an affected device. This vulnerability exists because bounds-checking does not occur while parsing XML requests. An attacker could exploit this vulnerability by...
Security Bulletin: Order Management is subject to vulnerabilities regarding XML service where a remote attacker could exploit this vulnerability.
Summary Order Management removed parts of legacy code that carried vulnerabilities. The code did contain CVE-2009-2625, CVE-2013-4002, CVE-2012-0881, however the specific code related to the vulnerability is not in use, therefore the risk is lower. This bulletin identifies the steps to take to...
Security Bulletin: IBM Sterling B2B Integrator vulnerable to denial of service due to Apache Xerces2 Java (CVE-2012-0881, CVE-2022-23437)
Summary IBM Sterling B2B Integrator uses Apache Xerces2 Java libraries. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2012-0881 DESCRIPTION: Apache Xerces2 Java is vulnerable to a denial of service, caused by a flaw in the XML service. ...
MAL-2022-7283 Malicious code in xml-service (npm)
Source: ghsa-malware 4b380f7c6eab49c0c9130356ff071855915ba8be1dcec019399664e73266564b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xml-service (npm)
Source: ghsa-malware 4b380f7c6eab49c0c9130356ff071855915ba8be1dcec019399664e73266564b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
How to Configure User SID Enumeration in the XML Service
This article contains information about configuring the Citrix XML Service to perform enumeration of Security Identifiers (SIDs) for user accounts when using Single Sign-on (SSO) or smart card authentication to Web Interface 5.0. Background When using SSO or smart card authentication, access for user...
Huawei EulerOS: Security Advisory for xerces-j2 (EulerOS-SA-2020-2405)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP2 : xerces-j2 (EulerOS-SA-2020-2405)
According to the version of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML...
EulerOS 2.0 SP5 : xerces-j2 (EulerOS-SA-2020-2277)
According to the version of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML...
EulerOS 2.0 SP3 : xerces-j2 (EulerOS-SA-2020-2068)
According to the version of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML...
EulerOS 2.0 SP8 : xerces-j2 (EulerOS-SA-2020-1889)
According to the version of the xerces-j2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML...
GHSA-VMQM-G3VH-847M Denial of service in Apache Xerces2
Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions...