Download
| Alert*
oval:org.secpod.oval:def:1800912
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a "%" character in a DTD name. Fixed In Version: libxml2 2.9.5 oval:org.secpod.oval:def:1800582 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a "%" character in a DTD name. Fixed In Version: libxml2 2.9.5 oval:org.secpod.oval:def:1800669 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a "%" character in a DTD name. Fixed In Version libxml2 2.9.5 oval:org.secpod.oval:def:1700218 xpointer.c in libxml2 before 2.9.5 does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted XML document. parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro ca ... oval:org.secpod.oval:def:1601696 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml ... |