Design/Logic Flaw

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...

CVE-2017-10672

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...

CVE-2017-10672

The CVE-2017-10672 issue affects the Perl XML-LibXML module; a use-after-free in XML-LibXML up to version 2.0129 allows remote attackers to execute arbitrary code by controlling arguments to replaceChild. The Nessus/OSINT entries confirm the vulnerability exists in multiple distro packages (e.g.,...

UBUNTU-CVE-2017-10672

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...

CVE-2017-10672

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...

Perl XML-LibXML Module Arbitrary Code Execution Vulnerability

Perl is an American programmer Larry Wall Larry Wall developed a cross-platform programming language. XML-LibXML is one of the Debian-based XML file conversion module. An arbitrary code execution vulnerability exists in Perl's XML-LibXML module =2.0129, which can be exploited by a remote attacker...

openSUSE Security Update : perl-XML-LibXML (openSUSE-2015-571)

perl-XML-LibXML was updated to version 2.0.121 to fix one security vulnerability. - Fix 'expandentities' option that was not preserved under some circumstances. bsc929237, CVE-2015-3451 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

SUSE SLED12 / SLES12 Security Update : perl-XML-LibXML (SUSE-SU-2015:1439-1)

perl-XML-LibXML was updated to fix the expandentities option to be preserved in all cases. CVE-2015-3451. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much a...

SUSE-SU-2015:1439-1 Security update for perl-XML-LibXML

perl-XML-LibXML was updated to fix the expandentities option to be preserved in all cases. CVE-2015-3451...

DEBIAN-CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

CVE-2015-3451

CVE-2015-3451 affects XML::LibXML prior to 2.0119. The _clone function does not properly preserve or set the expand_entities option, enabling XML external entity (XXE) attacks via crafted XML data to the new or load_xml entry points. The connected sources confirm the vulnerable component and the ...

Fedora Update for perl-XML-LibXML FEDORA-2015-7115

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for perl-XML-LibXML FEDORA-2015-7258

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : perl-XML-LibXML-2.0119-1.fc21 (2015-7115)

Security fix for Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

Fedora 20 : perl-XML-LibXML-2.0119-1.fc20 (2015-7258)

Security fix for Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

Mandriva Linux Security Advisory : perl-XML-LibXML (MDVSA-2015:231)

Updated perl-XML-LibXML package fixes security vulnerability : Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...

MGASA-2015-0199 Updated perl-XML-LibXML packages fix CVE-2015-3451

Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...