Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0152
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0152)
Zusammenfassung:	The remote host is missing an update for the 'xalan-j2' package(s) announced via the MGASA-2014-0152 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xalan-j2' package(s) announced via the MGASA-2014-0152 advisory. Vulnerability Insight: Updated xalan-j2 packages fix security vulnerability: Nicolas Gregoire discovered several vulnerabilities in libxalan2-java. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution (CVE-2014-0107). Affected Software/OS: 'xalan-j2' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0107 BugTraq ID: 66397 http://www.securityfocus.com/bid/66397 http://svn.apache.org/viewvc?view=revision&revision=1581058 http://www-01.ibm.com/support/docview.wss?uid=swg21674334 http://www-01.ibm.com/support/docview.wss?uid=swg21676093 http://www-01.ibm.com/support/docview.wss?uid=swg21677145 http://www-01.ibm.com/support/docview.wss?uid=swg21680703 http://www-01.ibm.com/support/docview.wss?uid=swg21681933 http://www.ibm.com/support/docview.wss?uid=swg21677967 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755 https://issues.apache.org/jira/browse/XALANJ-2435 https://www.tenable.com/security/tns-2018-15 Debian Security Information: DSA-2886 (Google Search) http://www.debian.org/security/2014/dsa-2886 https://security.gentoo.org/glsa/201604-02 http://www.ocert.org/advisories/ocert-2014-002.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r0c00afcab8f238562e27b3ae7b8af1913c62bc60838fb8b34c19e26b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r2900489bc665a2e32d021bb21f6ce2cb8e6bb5973490eebb9a346bca@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2014:0348 http://rhn.redhat.com/errata/RHSA-2014-0348.html RedHat Security Advisories: RHSA-2014:1351 http://rhn.redhat.com/errata/RHSA-2014-1351.html RedHat Security Advisories: RHSA-2015:1888 http://rhn.redhat.com/errata/RHSA-2015-1888.html http://www.securitytracker.com/id/1034711 http://www.securitytracker.com/id/1034716 http://secunia.com/advisories/57563 http://secunia.com/advisories/59036 http://secunia.com/advisories/59151 http://secunia.com/advisories/59247 http://secunia.com/advisories/59290 http://secunia.com/advisories/59291 http://secunia.com/advisories/59369 http://secunia.com/advisories/59515 http://secunia.com/advisories/59711 http://secunia.com/advisories/60502 XForce ISS Database: apache-xalanjava-cve20140107-sec-bypass(92023) https://exchange.xforce.ibmcloud.com/vulnerabilities/92023
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.