Vulnerability & Exploit Database

Displaying entries 1 - 10 of 23 in total

Results for: CVE-2015-7942 Back to search

Amazon Linux AMI: Security patch for libxml2 (ALAS-2015-628) (multiple CVEs) Vulnerability

  • Severity: 7
  • Published: December 15, 2015

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

SUSE: CVE-2015-7942: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.

Oracle Solaris 11: CVE-2015-7942: Vulnerability in libxml2 Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.

RHSA-2015:2550: libxml2 security update Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The libxml2 library is a development toolbox providing the implementationof various XML standards.Several denial of service flaws were found in libxml2, a library providingsupport for reading, modifying, and writing XML and HTML files. A remoteattacker could provide a specially crafted XML or HTML file that, whenprocessed by an applicati...

RHSA-2015:2549: libxml2 security update Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The libxml2 library is a development toolbox providing the implementationof various XML standards.Several denial of service flaws were found in libxml2, a library providingsupport for reading, modifying, and writing XML and HTML files. A remoteattacker could provide a specially crafted XML or HTML file that, whenprocessed by an applicati...

ELSA-2015-2550 Moderate: Oracle Linux libxml2 security update Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

ELSA-2015-2549 Moderate: Oracle Linux libxml2 security update Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

IBM AIX: libxml2_advisory2 (CVE-2015-7942): Vulnerabilities in LibXML2 affect AIX Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.

Gentoo Linux: CVE-2015-7942: libxml2: Multiple vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.

FreeBSD: libxml2 -- multiple vulnabilities (Multiple CVEs) Vulnerability

  • Severity: 7
  • Published: November 18, 2015

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.