Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) Denial of Service

Mozilla Firefox 3.6 - XML Parser Memory Corruption PoC Denial of Service Firefox 3.6XML parsermemory corruption PoC/Dos by d3b4g From tiny islands of maldivies Tested: version 3.6 Tested on windows XP SP3 20-01-2010 This same bug was in early version of firfox,found by Wojciech Pawlikowski This i...

Opera 10.10 - XML Parser Denial of Service (PoC)

Opera 10.10 - XML Parser Denial of Service PoC From tiny islands of maldivies d3b4g.info Tested: version 10.10 Tested on windows XP SP3 20-01-2010 special thanks to peter Van Eeckhoutte after opening the opera.html broswer hang for a while and crush.same bug in firefox too :d This vulnerability...

Opera 10.10 (XML parser) Denial of Service PoC

Exploit for unknown platform in category dos / poc ============================================== Opera 10.10 XML parser Denial of Service PoC ============================================== From tiny islands of maldivies d3b4g.info Tested: version 10.10 Tested on windows XP SP3 20-01-2010 special...

CentOS 5 : tomcat (CESA-2009:1164)

Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

Trillian

Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted DTD file...

[SECURITY] Fedora 12 Update: PyXML-0.8.4-17.fc12

An XML package for Python. The distribution contains a validating XML parser, an implementation of the SAX and DOM programming interfaces and an interface to the Expat parser...

Mandriva Security Advisory MDVSA-2009:215-1 (audacity)

The remote host is missing an update to audacity announced via advisory MDVSA-2009:215-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandriva Security Advisory MDVSA-2009:314 (apr)

The remote host is missing an update to apr announced via advisory MDVSA-2009:314. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

[SECURITY] Fedora 12 Update: expat-2.0.1-8.fc12

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

[SECURITY] Fedora 11 Update: expat-2.0.1-8.fc11

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

[SECURITY] Fedora 10 Update: expat-2.0.1-8.fc10

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

CVE-2009-3560

The big2toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service application crash via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlo...

RedHat Security Advisory RHSA-2009:1615

The remote host is missing updates announced in advisory RHSA-2009:1615. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also which elements can be used for certain types of files, such as XM...

RedHat Security Advisory RHSA-2009:1615

The remote host is missing updates announced in advisory RHSA-2009:1615. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also which elements can be used for certain types of files, such as XM...

Low: Red Hat Security Advisory: tomcat security update for Red Hat Network Satellite Server

An updated tomcat package that fixes several security issues is now available for Red Hat Network Satellite Server 5.1. This update has been rated as having low security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JS...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

Low: Red Hat Security Advisory: tomcat security update for Red Hat Network Satellite Server

Updated tomcat packages that fix several security issues are now available for Red Hat Network Satellite Server 5.2 and 5.3. This update has been rated as having low security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pag...

Moderate: Red Hat Security Advisory: xerces-j2 security update

Updated xerces-j2 packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser....

RedHat Security Advisory RHSA-2009:1563

The remote host is missing updates announced in advisory RHSA-2009:1563. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not address all possible flaws in the way Tomcat handle...