Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0398
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0398)
Zusammenfassung:	The remote host is missing an update for the 'xerces-j2' package(s) announced via the MGASA-2014-0398 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xerces-j2' package(s) announced via the MGASA-2014-0398 advisory. Vulnerability Insight: Updated xerces-j2 packages fix security vulnerability: A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessive amount of CPU (CVE-2013-4002). Affected Software/OS: 'xerces-j2' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4002 AIX APAR: IC98015 http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015 http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html BugTraq ID: 61310 http://www.securityfocus.com/bid/61310 http://support.apple.com/kb/HT5982 http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch http://www-01.ibm.com/support/docview.wss?uid=swg21644197 http://www-01.ibm.com/support/docview.wss?uid=swg21653371 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002 http://www.ibm.com/support/docview.wss?uid=swg21648172 https://issues.apache.org/jira/browse/XERCESJ-1679 https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBUX02943 http://marc.info/?l=bugtraq&m=138674031212883&w=2 HPdes Security Advisory: HPSBUX02944 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013 https://www.oracle.com/security-alerts/cpuapr2022.html https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E RedHat Security Advisories: RHSA-2013:1059 http://rhn.redhat.com/errata/RHSA-2013-1059.html RedHat Security Advisories: RHSA-2013:1060 http://rhn.redhat.com/errata/RHSA-2013-1060.html RedHat Security Advisories: RHSA-2013:1081 http://rhn.redhat.com/errata/RHSA-2013-1081.html RedHat Security Advisories: RHSA-2013:1440 http://rhn.redhat.com/errata/RHSA-2013-1440.html RedHat Security Advisories: RHSA-2013:1447 http://rhn.redhat.com/errata/RHSA-2013-1447.html RedHat Security Advisories: RHSA-2013:1451 http://rhn.redhat.com/errata/RHSA-2013-1451.html RedHat Security Advisories: RHSA-2013:1505 http://rhn.redhat.com/errata/RHSA-2013-1505.html RedHat Security Advisories: RHSA-2014:0414 https://access.redhat.com/errata/RHSA-2014:0414 RedHat Security Advisories: RHSA-2014:1818 http://rhn.redhat.com/errata/RHSA-2014-1818.html RedHat Security Advisories: RHSA-2014:1821 http://rhn.redhat.com/errata/RHSA-2014-1821.html RedHat Security Advisories: RHSA-2014:1822 http://rhn.redhat.com/errata/RHSA-2014-1822.html RedHat Security Advisories: RHSA-2014:1823 http://rhn.redhat.com/errata/RHSA-2014-1823.html RedHat Security Advisories: RHSA-2015:0675 http://rhn.redhat.com/errata/RHSA-2015-0675.html RedHat Security Advisories: RHSA-2015:0720 http://rhn.redhat.com/errata/RHSA-2015-0720.html RedHat Security Advisories: RHSA-2015:0765 http://rhn.redhat.com/errata/RHSA-2015-0765.html RedHat Security Advisories: RHSA-2015:0773 http://rhn.redhat.com/errata/RHSA-2015-0773.html http://secunia.com/advisories/56257 SuSE Security Announcement: SUSE-SU-2013:1255 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html SuSE Security Announcement: SUSE-SU-2013:1256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html SuSE Security Announcement: SUSE-SU-2013:1257 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html SuSE Security Announcement: SUSE-SU-2013:1263 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html SuSE Security Announcement: SUSE-SU-2013:1293 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html SuSE Security Announcement: SUSE-SU-2013:1305 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html SuSE Security Announcement: SUSE-SU-2013:1666 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html SuSE Security Announcement: openSUSE-SU-2013:1663 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://www.ubuntu.com/usn/USN-2033-1 http://www.ubuntu.com/usn/USN-2089-1 XForce ISS Database: ibm-java-cve20134002-dos(85260) https://exchange.xforce.ibmcloud.com/vulnerabilities/85260
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.