12 matches found
Amazon Linux AMI : libxml2 (ALAS-2012-134)
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially crafted XML file that, when opened in an application linked against libxml2, would cause the...
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
DEBIAN-CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
Heap overflow
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...
CVE-2013-2210
Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.2 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this...
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality xsec/dsig/DSIGReference.cpp in Apache Santuario XML Security for C++ aka xml-security-c before 1.7.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via malformed...
Updated xml-security-c package fixes multiple security vulnerabilities
The implementation of XML digital signatures in the Santuario-C++ library is vulnerable to a spoofing issue allowing an attacker to reuse existing signatures with arbitrary content CVE-2013-2153. A stack overflow, possibly leading to arbitrary code execution, exists in the processing of malformed...
DSA-2717-1 xml-security-c - heap overflow
Bulletin has no description...
Debian Security Advisory DSA 2710-1 (xml-security-c - several vulnerabilities)
James Forshaw from Context Information Security discovered several vulnerabilities in xml-security-c, an implementation of the XML Digital Security specification. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2153 The implementation of XML digital...