Download
| Alert*
|
oval:org.secpod.oval:def:301643
A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code . The updated packages have been patched to prevent this ... oval:org.secpod.oval:def:301598 Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding . The updated packages have been patched to prevent this issue. oval:org.mitre.oval:def:7968 Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU and memory resources were exhausted. oval:org.secpod.oval:def:17244 The host is installed with Apple Safari before 4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly detect recursion during entity expansion in an attribute value. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:301426 Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding . Update: The original fix used to correct this issue caused some applications tha ... oval:org.secpod.oval:def:17282 The host is missing a security update according to Apple advisory, APPLE-SA-2009-06-08-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or c ... |
