Red Hat Security Advisory 2013-0763-01 - The JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. This release of JBoss Web Framework Kit 2.2.0 serves as a replacement for JBoss Web Framework Kit 2.1.0. It includes various bug fixes and enhancements which are detailed in the JBoss Web Framework Kit 2.2.0 Release Notes.
bcc552aba157e86f9f1f7fc557510c73040d4381d49dbca767a3b296f3e6298fRed Hat Security Advisory 2012-1537-01 - JasperReports Server is a reporting server. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A remote attacker could provide a specially-crafted XML file, which once parsed by an application using the Apache Xerces2 Java Parser, would lead to a denial of service. This update also fixes the following bugs: Adding a user to any ROLE caused an unexpected exception.
cda5cf73ac28123921171e07794e18b614763addcc34da268f4c05547a3e7c1fRed Hat Security Advisory 2012-1232-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.2 serves as a replacement for JBoss Enterprise Portal Platform 5.2.1, and includes bug fixes.
bfe1fd78f8e8200d810ee7a288e9dc1353758cb7ece9cd3e7b7a530ff76c782bRed Hat Security Advisory 2012-0725-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 3.1.0 release serves as a replacement for JBoss ON 3.0.1, and includes several bug fixes and enhancements.
8d3bb8bd4dec312c37db12ea1d0326d27764478c6640f56aba6202f31ce7e031Mandriva Linux Security Advisory 2011-108 - Apache Xerces2 Java, as used in Sun Java Runtime Environment in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
36474762543fd2efb0f44fd4865e7e2b9783b3ed2e9b6dbf845f00b3cd0de55cRed Hat Security Advisory 2011-0858-01 - The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition defines the legal syntax for certain types of files, such as XML files. A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A remote attacker could provide a specially-crafted XML file, which once parsed by an application using the Apache Xerces2 Java Parser, would lead to a denial of service . Various other issues were also addressed.
1322afc9e163b1accbe04131a1f2a00f8a9ce70a16cc72b304a79fe535bc6706VMware Security Advisory - JRE update to version 1.5.0_22, which addresses multiple security issues that existed in earlier releases of JRE.
9fdca7e08dfc8d5434a4f2c697c71bb80affbf3145121242ba0ffd398e591d00Debian Linux Security Advisory 1984-1 - It was discovered that libxerces2-java, a validating XML parser for Java, does not properly process malformed XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file.
e56530873719bbbfac147c6d114599e2278e2430011f76a5e4f6add741be4f43Ubuntu Security Notice 890-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
d4220160b2265aec5952c4517574f263f4c2b458f115db9b08bc867f153d8cbdVMware Security Advisory - VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components. And by multiple, VMware means 93 issues. And by issues, VMware means vulnerabilities.
101173f9f91a1f7594cf27ac8b0a52a7e9ab1d79d792e24aa5854aaa771f163dHP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, privilege escalation, and Denial of Service (DoS).
4e557744aecf9dd9f0d0fa1806010807ec9f5b0715c0bca405e0d75be361b35cDebian Linux Security Advisory 1921-1 - Peter Valchev discovered an error in expat, an XML parsing C library, when parsing certain UTF-8 sequences, which can be exploited to crash an application using the library.
a8c61f99857e60177edcb2d381f99d669fa2b271562368559e0a5e2d3e388682Mandriva Linux Security Advisory 2009-220 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
62f8f56d89a553e41588d5db5b6e8c8c6bedd5ba9eb955c6afe0df7daf55c476Mandriva Linux Security Advisory 2009-219 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Additionally on 2009.0 a patch was added to prevent kompozer from crashing (#44830), on 2009.1 a format string patch was added to make it build with the -Wformat -Werror=format-security gcc optimization switch added in 2009.1 This update fixes these issues.
c43b5b9412c80498d951f5aab3e7d44ddd1b71cdb3cda1b23ea0aa4f7d67b0fcMandriva Linux Security Advisory 2009-218 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
940574ed34e91952ce7c4208a6ef290ecd054124708ad5e6e7a4b5377e08e20bMandriva Linux Security Advisory 2009-217 - A number of security vulnerabilities have been discovered in Mozilla Thunderbird. Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate. A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
9d01bf4018ef272796f802e7b69bf36d94eabb3f0d7d7fb3c6e573ebfc24366aMandriva Linux Security Advisory 2009-216 - A number of security vulnerabilities have been discovered in the NSS and NSPR libraries and in Mozilla Thunderbird.
e8e619c27abfa1ea866f6d756a974aa55669f6f2b6b85c33173163bb95017751Mandriva Linux Security Advisory 2009-215 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
ce2329ccd328b819f4a1a50965d05b35b19115fd980af077c798363ee77ad560Mandriva Linux Security Advisory 2009-214 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
8baa30d1ae51b2aee60f255fb0bd84170f9ca0c145d62c2ac452aed9110c5983Mandriva Linux Security Advisory 2009-213 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
111fda230c0d060c1db1fe458067d6dcf3b80aa0be55bee39174cc106791fe7dMandriva Linux Security Advisory 2009-212 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
72b925d3e0a240c46928b20b6fc7e1e32e82593cc0b1fa34698fc90cb3e7167cMandriva Linux Security Advisory 2009-211 - A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack.
5b61601e33e11594211de303a61c8e1b2463eb8687e98e63a81dd0577061bd5dMandriva Linux Security Advisory 2009-209 - Multiple Java OpenJDK security vulnerabilities has been identified and fixed.
e63ca3c4a2288ce9ba25d35c65a3b5ec6f6320072a58c8b95f0f89a275cf4470Ubuntu Security Notice USN-814-1 - A substantial amount of vulnerabilities in openjdk-6 have been addressed and fixed. These issues range from denial of service to code execution vulnerabilities.
8d697a9751f57fbe8413cde8fc1c7dc6b4cc1de4d608811d3f65cf6b190ea1d8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed