shibboleth-sp -- vulnerable to forged user attribute data

Shibboleth consortium reports: Shibboleth SP software vulnerable to forged user attribute data The Service Provider software relies on a generic XML parser to process SAML responses and there are limitations in older versions of the parser that make it impossible to fully disable Document Type...

Trend Micro Control Manager AdHocQuery_Processor External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

GLSA-201801-08 : MiniUPnPc: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201801-08 MiniUPnPc: Arbitrary code execution An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. Impact : A remote attacker, by enticing a user to connect to a malicious...

MiniUPnPc: Arbitrary code execution

Background The client library, enabling applications to access the services provided by an UPnP “Internet Gateway Device” present on the network. Description An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. Impact A remote attacker, by...

Huawei DP300 XML Parser Integer Overflow Vulnerability

Huawei DP300 is a video conferencing endpoint from Huawei, a Chinese company. An integer overflow vulnerability exists in the Huawei DP300 XML parser due to the XML parser failing to adequately validate incoming content. An authenticated, local attacker could launch a denial of service attack by...

Security Advisory - Multiple Vulnerabilities in XML Parser of Some Huawei Products

There are multiple buffer overflow vulnerabilities in some Huawei products due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device. Vulnerability ID...

Multiple Huawei Products XML Parser Denial of Service Vulnerabilities

Huawei DP300 and RP200 are Huawei's all-in-one desktop SmartTruth products for high-end customers, and the TE series is a high-definition videoconferencing terminal that supports 1080p60. A denial-of-service vulnerability exists in the XML parser of multiple Huawei products. The vulnerability is...

Security Advisory - DoS Vulnerability in XML Parser of Some Huawei Products

XML parser has a DoS vulnerability in some Huawei products. Due to not check the specially XML file enough, an authenticated local attacker may craft specific XML files to the affected products and parse this file, which cause to null pointer accessing and result in DoS attacks. Vulnerability ID:...

Memory leak vulnerability in multiple Huawei products (CNVD-2017-35719)

Huawei DP300/RP200 and TE series are all-in-one desktop and HD video conferencing terminals launched by Huawei for high-end customers. A memory leak vulnerability exists in multiple Huawei products due to the XML parser failing to free memory when processing certain nodes. An attacker could explo...

Security Advisory - Two DOS Vulnerabilities of XML Parser in Some Huawei Products

XML parser have two DOS vulnerabilities in some Huawei products. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks. Vulnerability ID: HWPSIRT-2017-03037 and...

Internet Bug Bounty: Multiple issues in Libxml2 (2.9.2 - 2.9.5)

Libxml2 is the XML C parser and toolkit developed for the Gnome project. Due to its flexible C implementation and continuous development, Libxml2 is known to be very portable, the library builds and works on a variety of systems Linux, Unix, Windows, CygWin, MacOS, MacOS X, RISC Os, OS/2, VMS, QN...

Design/Logic Flaw

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...

ALPINE-CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

[SECURITY] Fedora 26 Update: rubygem-ox-2.4.13-2.fc26

A fast XML parser and object serializer that uses only standard C lib. Optimized XML Ox, as the name implies was written to provide speed optimi zed XML handling. It was designed to be an alternative to Nokogiri and other Ru by XML parsers for generic XML parsing and as an alternative to Marshal...

[SECURITY] Fedora 27 Update: rubygem-ox-2.8.2-1.fc27

A fast XML parser and object serializer that uses only standard C lib. Optimized XML Ox, as the name implies was written to provide speed optimi zed XML handling. It was designed to be an alternative to Nokogiri and other Ru by XML parsers for generic XML parsing and as an alternative to Marshal...

libxml2: Multiple vulnerabilities

Background libxml2 is the XML eXtended Markup Language C parser and toolkit initially developed for the Gnome project. Description Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by enticing a user...

GHSA-9C2J-593Q-3G82 activesupport Improper Input Validation vulnerability

The ActiveSupport::XmlMiniJDOM backend in lib/activesupport/xmlmini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is used, does not properly restrict the capabilities of the XML parser, which allows remote attackers to...

activesupport Improper Input Validation vulnerability

The ActiveSupport::XmlMiniJDOM backend in lib/activesupport/xmlmini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is used, does not properly restrict the capabilities of the XML parser, which allows remote attackers to...

Apache Solr 7.0.1 XXE Injection / Code Execution

First Vulnerability: XML External Entity Expansion deftype=xmlparser Lucene includes a query parser that is able to create the full-spectrum of Lucene queries, using an XML data structure. Starting from version 5.1 Solr supports "xml" query parser in the search query. The problem is that lucene x...

FreeBSD : solr -- Code execution via entity expansion (e837390d-0ceb-46b8-9b32-29c1195f5dc7)

Solr developers report : Lucene XML parser does not explicitly prohibit doctype declaration and expansion of external entities which leads to arbitrary HTTP requests to the local SOLR instance and to bypass all firewall restrictions. Solr 'RunExecutableListener' class can be used to execute...