2720 matches found
Expat Encryption Mechanism Breach Vulnerability
Expat is a C-based XML parser library , it uses a stream-oriented parser . A security vulnerability exists in Expat when a program uses or passes a 0-seed in a parser call to XMLSetHashSalt, allowing a remote attacker to exploit the vulnerability to compromise cryptographic protection mechanisms...
SAP NetWeaver AS Java 7.5 XXE in com.sap.km.cm.ice
Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2387249 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE...
SAP Netweaver AS Java - XXE vulnerability in Visual Composer VC70RUNTIME
Application: SAP NetWeaver Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2386873 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE Impact:...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
DEBIAN-CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
ALPINE-CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
Code injection
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
Expat CVE-2016-5300 is a denial-of-service vulnerability in the Expat XML parser caused by insufficient entropy used for hash initialization. The issue allows context-dependent attackers to cause CPU exhaustion via crafted identifiers in XML documents. Connected material confirms this as an Expat...
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Exploit for multiple platform in category web applications !/usr/bin/ruby Exploit Title: Dell OpenManage Server Administrator 8.3 XXE Date: June 9, 2016 Exploit Author: hantwister Vendor Homepage:...
openSUSE Security Update : expat (openSUSE-2016-695)
This update for expat fixes the following issues : Security issue fixed : - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. bsc979441 - CVE-2015-1283: Fix multiple integer overflows. bnc980391 This update was imported from the SUSE:SLE-12:Update...
[SECURITY] [DLA 505-1] libpdfbox-java security update
Package : libpdfbox-java Version : 1:1.7.0+dfsg-4+deb7u1 CVE ID : CVE-2016-2175 Apache PDFBox did not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF. This may lead to the disclosure of confidential data,...
XML Parser and Core Services upgrade
Question: Security scan detected obsolete software Microsoft XML Parser and Microsoft XML Core Services MSXML 4.0. Do we need & use XML for Xenmobile? Can we remove or update XML? Answer: This specific item is a very common scan error that likely does not have anything to do with XenMobile. In fa...
[SECURITY] [DSA 3597-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3597-1 [email protected] https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq -...
SUSE-SU-2016:1508-1 Security update for expat
This update for expat fixes the following issues: Security issue fixed: - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. bsc979441 - CVE-2015-1283: Fix multiple integer overflows. bnc980391...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
DLA-505-1 libpdfbox-java - security update
Bulletin has no description...