Test Kennung:	1.3.6.1.4.1.25623.1.0.121459
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 201604-02
Zusammenfassung:	Gentoo Linux Local Security Checks
Beschreibung:	Summary: Gentoo Linux Local Security Checks Vulnerability Insight: The TransformerFactory in Apache Xalan-Java does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled. This can also be exploited via a Java property that is bound to the XSLT 1.0 system-property function. Solution: Update the affected packages to the latest available version. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0107 BugTraq ID: 66397 http://www.securityfocus.com/bid/66397 http://svn.apache.org/viewvc?view=revision&revision=1581058 http://www-01.ibm.com/support/docview.wss?uid=swg21674334 http://www-01.ibm.com/support/docview.wss?uid=swg21676093 http://www-01.ibm.com/support/docview.wss?uid=swg21677145 http://www-01.ibm.com/support/docview.wss?uid=swg21680703 http://www-01.ibm.com/support/docview.wss?uid=swg21681933 http://www.ibm.com/support/docview.wss?uid=swg21677967 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755 https://issues.apache.org/jira/browse/XALANJ-2435 https://www.tenable.com/security/tns-2018-15 Debian Security Information: DSA-2886 (Google Search) http://www.debian.org/security/2014/dsa-2886 https://security.gentoo.org/glsa/201604-02 http://www.ocert.org/advisories/ocert-2014-002.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2014:0348 http://rhn.redhat.com/errata/RHSA-2014-0348.html RedHat Security Advisories: RHSA-2014:1351 http://rhn.redhat.com/errata/RHSA-2014-1351.html RedHat Security Advisories: RHSA-2015:1888 http://rhn.redhat.com/errata/RHSA-2015-1888.html http://www.securitytracker.com/id/1034711 http://www.securitytracker.com/id/1034716 http://secunia.com/advisories/57563 http://secunia.com/advisories/59036 http://secunia.com/advisories/59151 http://secunia.com/advisories/59247 http://secunia.com/advisories/59290 http://secunia.com/advisories/59291 http://secunia.com/advisories/59369 http://secunia.com/advisories/59515 http://secunia.com/advisories/59711 http://secunia.com/advisories/60502 XForce ISS Database: apache-xalanjava-cve20140107-sec-bypass(92023) https://exchange.xforce.ibmcloud.com/vulnerabilities/92023
Copyright	Copyright (C) 2016 Eero Volotinen

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.