Download
| Alert*
oval:org.secpod.oval:def:1800809
CVE-2017-5969: Null pointer derefence parsing xml file using libxml Upstream bug report: oval:org.secpod.oval:def:1000564 The remote host is missing a patch 125731-15 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2001109 ** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser." oval:org.secpod.oval:def:1000542 The remote host is missing a patch 125732-15 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2101452 ** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery a ... oval:org.secpod.oval:def:89044570 This update for libxml2 fixes the following issues: Security issues fixed: * CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID * CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent oval:org.secpod.oval:def:1800588 CVE-2017-5969: Null pointer derefence parsing xml file using libxml Upstream bug report: Reference: oval:org.secpod.oval:def:1800821 CVE-2017-5969: Null pointer dereference parsing xml file using libxml Upstream bug report Reference oval:org.secpod.oval:def:89044817 This update for libxml2 fixes the following issues: Security issues fixed: * CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID * CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent * CVE-2017-7375: Prevented an unwanted external entity reference * CVE-2017-7376: Increase buff ... |