10 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow ...
SUSE CVE-2016-1684
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service integer overflow or resource consumption or possibly have unspecified other impact via a crafted document...
DEBIAN-CVE-2019-13118
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...
DEBIAN-CVE-2019-13117
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...
ALPINE-CVE-2019-13117
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...
CVE-2019-13117
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...
CVE-2019-13118
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...
The vulnerability of the LibXLST transformation library allows a attacker to cause a service failure or exert other effects.
The vulnerability of the numbers.c file in the XLST transformation library LibXLST is related to incorrect processing of the xsl:number format. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects through a specially crafted document...
DEBIAN-CVE-2016-1684
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service integer overflow or resource consumption or possibly have unspecified other impact via a crafted document...
chromium-browser: integer overflow in libxslt
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service integer overflow or resource consumption or possibly have unspecified other impact via a crafted document...