[SECURITY] Fedora 10 Update: xerces-c-2.8.0-5.fc10

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

[SECURITY] Fedora 10 Update: xerces-c27-2.7.0-8.fc10

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...

Fedora Core 11 FEDORA-2009-8157 (xml-security-c)

The remote host is missing an update to xml-security-c announced via advisory FEDORA-2009-8157. OpenVAS Vulnerability Test $Id: fcore20098157.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8157 xml-security-c Authors: Thomas Reinke Copyright:...

Mandrake Security Advisory MDVSA-2009:163 (tomcat5)

The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:163. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

DEBIAN-CVE-2009-1885

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...

Apache 2.2.x < 2.2.12 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x. running on the remote host is prior to 2.2.12. It is, therefore, affected by the following vulnerabilities : - A heap-based buffer underwrite flaw exists in the function 'aprstrmatchprecompile' in the bundled copy of the APR-util library, whic...

[SECURITY] Fedora 11 Update: xml-security-c-1.5.1-1.fc11

The xml-security-c library is a C++ implementation of the XML Digital Signa ture specification. The library makes use of the Apache XML project's Xerces-C X ML Parser and Xalan-C XSLT processor. The latter is used for processing XPath and XSLT transforms...

tomcat5 security update

CentOS Errata and Security Advisory CESA-2009:1164 Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container...

RHEL 5 : tomcat (RHSA-2009:1164)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1164 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security...

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

openSUSE Security Update : tomcat6 (tomcat6-999)

This update of tomcat fixes several vulnerabilities : - CVE-2008-5515: RequestDispatcher usage can lead to information leakage - CVE-2009-0033: denial of service via AJP connection - CVE-2009-0580: some authentication classes allow user enumeration - CVE-2009-0781: XSS bug in example application...

apr-util billion laughs attack

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

Important: Red Hat Security Advisory: httpd22 security update

Updated httpd22 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP07 update

Updated JBoss Enterprise Application Platform JBEAP 4.2 packages that fix various issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP07. This update has been rated as having important security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platfor...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update

Updated JBoss Enterprise Application Platform JBEAP 4.3 packages that fix various issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP05. This update has been rated as having important security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platfor...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

GLSA-200907-03 : APR Utility Library: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200907-03 APR Utility Library: Multiple vulnerabilities Multiple vulnerabilities have been discovered in the APR Utility Library: Matthew Palmer reported a heap-based buffer underflow while compiling search patterns in the...