CVE-2015-3451

Related Files

Mandriva Linux Security Advisory 2015-231

Posted May 7, 2015

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-231 - Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

tags | advisory

systems | linux, mandriva

advisories | CVE-2015-3451

SHA-256 | 00c15cbb854e0cc2cb67a8a8c9493a11bcbe0d00eaef699792b44316f20a5dce

Download | Favorite | View

Ubuntu Security Notice USN-2592-1

Posted May 4, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2592-1 - Tilmann Haak discovered that XML::LibXML incorrectly handled the expand_entities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2015-3451

SHA-256 | 458e6fe89eed0be841fc1b8ecf0008b007d76a2bef3cf98a9e49ce1d8c8af239

Download | Favorite | View

Debian Security Advisory 3243-1

Posted May 4, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3243-1 - Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

tags | advisory, perl

systems | linux, debian

advisories | CVE-2015-3451

SHA-256 | d4a75e72b8eb10cf469d80e08b6cc4baf75113761ac80b4bf322fcfea8d988b6

Download | Favorite | View