MGASA-2018-0178 Updated xerces-c packages fix security vulnerability

The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processing and do not prevent external DTD usage, and could...

Updated xerces-c packages fix security vulnerability

The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processing and do not prevent external DTD usage, and could...

Microsoft Windows Remote Assistance XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Stack overflow

Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service...

CVE-2018-6304

Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service...

CVE-2018-6304

Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service...

CVE-2018-6304

CVE-2018-6304 affects Gemalto Sentinel LDK RTE. A stack overflow in the custom XML-parser (in Sentinel LDK RTE) prior to version 7.65 is described as the root cause, with remote denial of service as theImpact. Public sources in the connected documents confirm the component and version range vulne...

Xxe

FreePlane version 1.5.9 and earlier contains a XML External Entity XXE vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This vulnerability appears to have been...

CVE-2018-1000069

FreePlane version 1.5.9 and earlier contains a XML External Entity XXE vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This vulnerability appears to have been...

CVE-2018-1000069

FreePlane version 1.5.9 and earlier contains a XML External Entity XXE vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This vulnerability appears to have been...

CVE-2018-1000069

CVE-2018-1000069 affects FreePlane

Memory corruption

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600,...

CVE-2017-15314

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600,...

CVE-2017-15314

CVE-2017-15314 is a memory leak vulnerability in Huawei devices (e.g., DP300, RP200, TE30/40/50/60, V500R002C00/V600R006C00, etc.) caused by the XML parser failing to free memory when processing certain nodes. The flaw can lead to memory consumption and subsequent system exceptions. Connected sou...

CVE-2017-15314

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600,...

MGASA-2018-0158 Updated xerces-c packages fix CVE-2017-12627

Updated xerces-c packages fix security vulnerability: The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processi...

Updated xerces-c packages fix CVE-2017-12627

Updated xerces-c packages fix security vulnerability: The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processi...

Apache Xerces-C XML Parser Library Denial of Service Vulnerability

Apache Xerces XML Parser library is the Apache Apache Software Foundation of the United States of America, a XML syntax parser library . Apache Xerces-C is its language version. A security vulnerability exists in the Apache Xerces-C XML Parser library. A remote attacker could exploit this...

Null pointer dereference

XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enoug...

CVE-2017-17134

XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enoug...