CVE-2004-1575

CVE-2004-1575 affects Xerces-C++ 2.5.0, where the XML parser can be induced to consume CPU (DoS) by crafted XML attributes. Public references (NVD/NIST, CVE records) classify the impact as a Denial of Service with a base score of 5.0 (Medium). Connected sources corroborate that the DoS arises fro...

CVE-2004-1378

The CVE-2004-1378 issue affects jabberd (open-source Jabber server) up to version 1.4.3 and earlier, where the embedded expat XML parser can be exploited by a malformed XML packet received on an XML-capable socket to trigger an application crash (DoS). Affected components include jabberd 1.4.3 an...

CVE-2004-1378

The expat XML parser code, as used in the open source Jabber jabberd 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service application crash via a malformed packet to a socket that accepts XML connections...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document. Remediation There is no fixed version for xerces-c. References ...

CVE-2004-1575

The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document...

CVE-2004-2244

The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service CPU and memory consumption via a SOAP message containing a...

Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS

//////////////////////////////////////////////////////////////////// //==================== Security Advisory =====================// //////////////////////////////////////////////////////////////////// -------------------------------------------------------------------- ----- IIS 5.x/6.0 WebDAV...

CVE-2004-1378

The expat XML parser code, as used in the open source Jabber jabberd 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service application crash via a malformed packet to a socket that accepts XML connections...

jabberd -- denial-of-service vulnerability

José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotly crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...

EUVD-2002-1507

Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...

CVE-2002-1524

Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...

Multiple vendor SOAP server (XML parser) denial of service (DTD parameter entities)

/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...

Multiple Vendor SOAP server (XML parser) attribute blowup DoS

/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...

CVE-2002-1524

Buffer overflow in XML parser in wsabi.dll of Winamp 3 1.0.0.488 allows remote attackers to execute arbitrary code via a skin file .wal with a long include file tag...

WinAmp XML parser buffer overflow

Buffer overflow on .WAL files parsing...

CVE-2002-2366

Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml...

Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD

/////////////////////////////////////////////////////////////////////// ======================== Security Advisory ======================== /////////////////////////////////////////////////////////////////////// -------------------------------------------------------------------- Multiple vendors...

IIL Advisory: Winamp 3 (1.0.0.488) XML parser buffer overflow vulnerability

Illegal Instruction Labs Advisory ------------------------------------------------------------------------ Advisory name: Winamp 3 1.0.0.488 XML parser buffer overflow vulnerability Application: Winamp 3 1.0.0.488 Homepage: www.winamp.com Impact: There is a buffer overflow inside XML parser DLL...

Trillian XML parser buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Problem: It is possible to create a skin for trillian that will trigger a buffer overflow. In trillian.xml under the prefs section. control name="colors" type="colors" colors file="4096 characters" Still no word from Cerulean Studios on when a fix wil...

Relative Vulnerability in Phpnuke XML parser

";phpinfo;// The title of this article could have phpNuke's parser acting strange if inserted as is in the backend xml file called every hour. sAvAte inc. Serial Savate System advisory --------------------------------------- xxxxxxxxxxxx.adv.en Program: PHPNUKE Homepage: http://www.phpnuke.org...