Download
| Alert*
|
oval:org.secpod.oval:def:89003142
This update for libxslt fixes the following issues: Security issues fixed: - CVE-2019-13118: Fixed a read of uninitialized stack data . - CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters . oval:org.secpod.oval:def:62668 The host is installed with Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect confidentiality. oval:org.secpod.oval:def:62667 The host is installed with Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect confidentiality. oval:org.secpod.oval:def:62666 The host is installed with Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect confidentiality. oval:org.secpod.oval:def:62665 The host is installed with Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect confidentiality. oval:org.secpod.oval:def:57653 The host is missing a security update according to Apple advisory, APPLE-SA-2019-7-23-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:57652 The host is missing a security update according to Apple advisory, APPLE-SA-2019-7-23-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:57594 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.5 and is prone to a stack overflow vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker to view sensitive information. oval:org.secpod.oval:def:1801647 In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.In numbers.c in libxslt ... oval:org.secpod.oval:def:89050286 This update for libxslt fixes the following issues: Security issues fixed: - CVE-2019-13118: Fixed a read of uninitialized stack data . - CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters . - CVE-2019-18197: Fixed a da ... oval:org.secpod.oval:def:60724 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.5 or Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect conf ... oval:org.secpod.oval:def:705248 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:59599 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:2104627 In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character. oval:org.secpod.oval:def:1700295 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE . Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Jav ... oval:org.secpod.oval:def:57654 The host is installed with Apple iTunes before 12.9.6, Apple iCloud before 7.13 or Oracle Java SE through 8u231 and is prone to a stack overflow vulnerability. A flaw is present in the applications, which fail to properly handle an input validation issue. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:60712 The host is installed with Oracle Java SE through 8u231 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxslt). Successful exploitation allows attackers to affect confidentiality. oval:org.secpod.oval:def:57623 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.5 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... oval:org.secpod.oval:def:58070 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.5 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... |
