Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.2.2018.1156
Kategorie:Huawei EulerOS Local Security Checks
Titel:Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1156)
Zusammenfassung:The remote host is missing an update for the Huawei EulerOS 'libxml2' package(s) announced via the EulerOS-SA-2018-1156 advisory.
Beschreibung:Summary:
The remote host is missing an update for the Huawei EulerOS 'libxml2' package(s) announced via the EulerOS-SA-2018-1156 advisory.

Vulnerability Insight:
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.(CVE-2016-5131)

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.(CVE-2017-16931)

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.)CVE-2017-16932)

Affected Software/OS:
'libxml2' package(s) on Huawei EulerOS V2.0SP3.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-5131
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
BugTraq ID: 92053
http://www.securityfocus.com/bid/92053
Debian Security Information: DSA-3637 (Google Search)
http://www.debian.org/security/2016/dsa-3637
https://security.gentoo.org/glsa/201610-09
https://security.gentoo.org/glsa/201701-37
RedHat Security Advisories: RHSA-2016:1485
http://rhn.redhat.com/errata/RHSA-2016-1485.html
http://www.securitytracker.com/id/1036428
http://www.securitytracker.com/id/1038623
SuSE Security Announcement: openSUSE-SU-2016:1865 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html
SuSE Security Announcement: openSUSE-SU-2016:1868 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html
SuSE Security Announcement: openSUSE-SU-2016:1869 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html
SuSE Security Announcement: openSUSE-SU-2016:1918 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html
http://www.ubuntu.com/usn/USN-3041-1
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.