Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871514
Category:Red Hat Local Security Checks
Title:RedHat Update for libxml2 RHSA-2015:2550-01
Summary:The remote host is missing an update for the 'libxml2'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'libxml2'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The libxml2 library is a development toolbox
providing the implementation of various XML standards.

Several denial of service flaws were found in libxml2, a library providing
support for reading, modifying, and writing XML and HTML files. A remote
attacker could provide a specially crafted XML or HTML file that, when
processed by an application using libxml2, would cause that application to
use an excessive amount of CPU, leak potentially sensitive information, or
in certain cases crash the application. (CVE-2015-1819, CVE-2015-5312,
CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941,
CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957,
BZ#1281955)

Red Hat would like to thank the GNOME project for reporting CVE-2015-7497,
CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-8241, CVE-2015-8242,
and CVE-2015-8317. Upstream acknowledges Kostya Serebryany of Google as the
original reporter of CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, and
CVE-2015-7500 Hugh Davenport as the original reporter of CVE-2015-8241 and
CVE-2015-8242 and Hanno Boeck as the original reporter of CVE-2015-8317.
The CVE-2015-1819 issue was discovered by Florian Weimer of Red Hat
Product Security.

All libxml2 users are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. The desktop must be
restarted (log out, then log back in) for this update to take effect.

Affected Software/OS:
libxml2 on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-1819
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 75570
http://www.securityfocus.com/bid/75570
Debian Security Information: DSA-3430 (Google Search)
http://www.debian.org/security/2015/dsa-3430
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html
https://security.gentoo.org/glsa/201507-08
https://security.gentoo.org/glsa/201701-37
RedHat Security Advisories: RHSA-2015:1419
http://rhn.redhat.com/errata/RHSA-2015-1419.html
RedHat Security Advisories: RHSA-2015:2550
http://rhn.redhat.com/errata/RHSA-2015-2550.html
http://www.securitytracker.com/id/1034243
SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
http://www.ubuntu.com/usn/USN-2812-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5312
BugTraq ID: 79536
http://www.securityfocus.com/bid/79536
HPdes Security Advisory: HPSBGN03537
http://marc.info/?l=bugtraq&m=145382616617563&w=2
RedHat Security Advisories: RHSA-2015:2549
http://rhn.redhat.com/errata/RHSA-2015-2549.html
RedHat Security Advisories: RHSA-2016:1089
http://rhn.redhat.com/errata/RHSA-2016-1089.html
http://www.ubuntu.com/usn/USN-2834-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7497
BugTraq ID: 79508
http://www.securityfocus.com/bid/79508
Common Vulnerability Exposure (CVE) ID: CVE-2015-7498
BugTraq ID: 79548
http://www.securityfocus.com/bid/79548
Common Vulnerability Exposure (CVE) ID: CVE-2015-7499
BugTraq ID: 79509
http://www.securityfocus.com/bid/79509
Common Vulnerability Exposure (CVE) ID: CVE-2015-7500
BugTraq ID: 79562
http://www.securityfocus.com/bid/79562
Common Vulnerability Exposure (CVE) ID: CVE-2015-7941
BugTraq ID: 74241
http://www.securityfocus.com/bid/74241
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html
http://www.openwall.com/lists/oss-security/2015/10/22/5
http://www.openwall.com/lists/oss-security/2015/10/22/8
Common Vulnerability Exposure (CVE) ID: CVE-2015-7942
BugTraq ID: 79507
http://www.securityfocus.com/bid/79507
Common Vulnerability Exposure (CVE) ID: CVE-2015-8241
BugTraq ID: 77621
http://www.securityfocus.com/bid/77621
http://www.openwall.com/lists/oss-security/2015/11/17/5
http://www.openwall.com/lists/oss-security/2015/11/18/23
Common Vulnerability Exposure (CVE) ID: CVE-2015-8242
BugTraq ID: 77681
http://www.securityfocus.com/bid/77681
Common Vulnerability Exposure (CVE) ID: CVE-2015-8317
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
BugTraq ID: 91826
http://www.securityfocus.com/bid/91826
https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html
http://www.openwall.com/lists/oss-security/2015/11/21/1
http://www.openwall.com/lists/oss-security/2015/11/22/3
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.