[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43281 Download | Alert*

expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file.

expat: XML parsing C library Several security issues were fixed in Expat.

firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

CVE-2016-0718 : Out-of-bounds read flaw An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.

A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successful ...

CVE-2012-6702: Using XML_Parse before rand results into non-random output. Reference: CVE-2016-5300: Little entropy used for hash initialization. The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete f ...

This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. - CVE-2016-5300: The XML parser in Expat did not use sufficient entropy for hash initializ ...

This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. - CVE-2016-5300: The XML parser in Expat did not use sufficient entropy for hash initializ ...

This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator - CVE-2019-20218: selectExpander in select.c proceeds with WITH sta ...

This update for sqlite3 fixes the following issues: The following security issue was fixed: - CVE-2016-6153: Fixed a tempdir selection vulnerability


Pages:      Start    1205    1206    1207    1208    1209    1210    1211    1212    1213    1214    1215    1216    1217    1218    ..   4328

© SecPod Technologies