what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

CVE-2011-3919

Status Candidate

Overview

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Related Files

Red Hat Security Advisory 2013-0217-01
Posted Feb 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.

tags | advisory
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3102, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841, CVE-2012-5134
MD5 | 5d58753a06f8a0e9b2707ea31764ec03
Apple Security Advisory 2012-09-24-1
Posted Sep 25, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.

tags | advisory
systems | apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2011-4599, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
MD5 | 02d5cf6eea27e80e9fb74ce87ba23963
VMware Security Advisory 2012-0012
Posted Jul 13, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.

tags | advisory
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841
MD5 | 88bdb05b2e09a6f74db93a991c7c1834
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
MD5 | 9614673327dc336467f1b3577177a46e
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
MD5 | 2c100e23d23700d3afbb62cee7820b04
Gentoo Linux Security Advisory 201202-09
Posted Mar 1, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201202-9 - A boundary error in libxml2 could result in execution of arbitrary code or Denial of Service. Versions less than 2.7.8-r4 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2011-3919
MD5 | 481bc01fcab75cb6614a4907aaecc050
Red Hat Security Advisory 2012-0104-01
Posted Feb 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0104-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3919
MD5 | 643aa04a1eab37267d01607854328ade
Debian Security Advisory 2394-1
Posted Jan 27, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2394-1 - Many security problems had been fixed in libxml2, a popular library to handle XML data files.

tags | advisory
systems | linux, debian
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | 77050a9a5d2e70e5230ae57b6ce6a129
Ubuntu Security Notice USN-1334-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | d35688e59e6cb186155a63ae04e731e5
Mandriva Linux Security Advisory 2012-005
Posted Jan 16, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-005 - A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-3919
MD5 | b38876c56f37c08a1d08cd3c81524056
Red Hat Security Advisory 2012-0018-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0018-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3905, CVE-2011-3919
MD5 | 759cfb4a061262104111b276d9ed3900
Red Hat Security Advisory 2012-0017-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0017-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | ea04eb97d0dc8d5b9832dce8b1bfda7c
Red Hat Security Advisory 2012-0016-01
Posted Jan 12, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0016-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-0216, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
MD5 | 0eadaa5545d594988489762f5772d834
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close