Download
| Alert*
oval:org.secpod.oval:def:601128
Aki Helin of OUSPG discovered many out-of-bounds read issues in libxml2, the GNOME project"s XML parser library, which can lead to denial of service issues when handling XML documents that end abruptly. oval:org.secpod.oval:def:1500566 Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:203323 The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked ag ... oval:org.secpod.oval:def:14894 The host is installed with Google Chrome before 28.0.1500.71 and is prone to multiple unspecified vulnerabilities. The flaws are present in the parser.c in libxml2 before 2.9.0, which fails to handle a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. S ... oval:org.secpod.oval:def:14909 The host is installed with Google Chrome before 28.0.1500.71 and is prone to multiple unspecified vulnerabilities. The flaws are present in the parser.c in libxml2 before 2.9.0, which fails to handle a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. S ... oval:org.secpod.oval:def:14905 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to some implementations and related to memory. Successful exploitation ... oval:org.secpod.oval:def:14919 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to some implementations and related to memory. Successful exploitation ... oval:org.secpod.oval:def:601072 Several vulnerabilities have been discovered in the Chromium web browser. CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \r\n\r\n . CVE-2013-2867 Chrome does not properly prevent pop-under windows. CVE-2013-2868 common/extensions/sync_helper.cc proceeds with sy ... oval:org.secpod.oval:def:701359 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:14947 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the appliocation, which fails to handle certain vectors related to some implementations and related to memory. Successful exploitatio ... oval:org.secpod.oval:def:1600025 parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. oval:org.secpod.oval:def:14923 The host is installed with Google Chrome before 28.0.1500.71 and is prone to multiple unspecified vulnerabilities. The flaws are present in the parser.c in libxml2 before 2.9.0, which fails to handle a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. S ... oval:org.secpod.oval:def:14933 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to some implementations and related to memory. Successful exploitation ... oval:org.secpod.oval:def:14937 The host is installed with Google Chrome before 28.0.1500.71 and is prone to multiple unspecified vulnerabilities. The flaws are present in the parser.c in libxml2 before 2.9.0, which fails to handle a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state. S ... oval:org.secpod.oval:def:501293 The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked ag ... |