Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2016.0263
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2016-0263)
Zusammenfassung:	The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2016-0263 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2016-0263 advisory. Vulnerability Insight: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2016-1834, CVE-2016-1840). Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2015-8806, CVE-2016-2073, CVE-2016-4483, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449). The libxml2 package has been updated to version 2.9.4, fixing these issues and other bugs. Affected Software/OS: 'libxml2' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8806 BugTraq ID: 82071 http://www.securityfocus.com/bid/82071 Debian Security Information: DSA-3593 (Google Search) https://www.debian.org/security/2016/dsa-3593 https://security.gentoo.org/glsa/201701-37 https://bugzilla.gnome.org/show_bug.cgi?id=749115 http://www.openwall.com/lists/oss-security/2016/02/03/5 http://www.ubuntu.com/usn/USN-2994-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1762 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html BugTraq ID: 85059 http://www.securityfocus.com/bid/85059 RedHat Security Advisories: RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1035353 Common Vulnerability Exposure (CVE) ID: CVE-2016-1833 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html BugTraq ID: 90691 http://www.securityfocus.com/bid/90691 https://bugs.chromium.org/p/project-zero/issues/detail?id=636 http://www.securitytracker.com/id/1035890 Common Vulnerability Exposure (CVE) ID: CVE-2016-1834 Common Vulnerability Exposure (CVE) ID: CVE-2016-1835 BugTraq ID: 90696 http://www.securityfocus.com/bid/90696 Common Vulnerability Exposure (CVE) ID: CVE-2016-1836 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2016-1837 Common Vulnerability Exposure (CVE) ID: CVE-2016-1838 https://bugs.chromium.org/p/project-zero/issues/detail?id=639 Common Vulnerability Exposure (CVE) ID: CVE-2016-1839 http://www.securitytracker.com/id/1038623 Common Vulnerability Exposure (CVE) ID: CVE-2016-1840 Common Vulnerability Exposure (CVE) ID: CVE-2016-2073 BugTraq ID: 85267 http://www.securityfocus.com/bid/85267 http://www.openwall.com/lists/oss-security/2016/01/25/6 http://www.openwall.com/lists/oss-security/2016/01/26/7 http://www.securitytracker.com/id/1035011 Common Vulnerability Exposure (CVE) ID: CVE-2016-4447 1036348 http://www.securitytracker.com/id/1036348 90864 http://www.securityfocus.com/bid/90864 APPLE-SA-2016-07-18-1 APPLE-SA-2016-07-18-2 APPLE-SA-2016-07-18-3 APPLE-SA-2016-07-18-4 APPLE-SA-2016-07-18-6 DSA-3593 RHSA-2016:1292 RHSA-2016:2957 SSA:2016-148-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722 USN-2994-1 [oss-security] 20160525 3 libxml2 issues http://www.openwall.com/lists/oss-security/2016/05/25/2 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709 https://kc.mcafee.com/corporate/index?page=content&id=SB10170 https://support.apple.com/HT206899 https://support.apple.com/HT206901 https://support.apple.com/HT206902 https://support.apple.com/HT206903 https://support.apple.com/HT206904 https://support.apple.com/HT206905 https://www.tenable.com/security/tns-2016-18 Common Vulnerability Exposure (CVE) ID: CVE-2016-4448 90856 http://www.securityfocus.com/bid/90856 https://bugzilla.redhat.com/show_bug.cgi?id=1338700 https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b Common Vulnerability Exposure (CVE) ID: CVE-2016-4449 90865 http://www.securityfocus.com/bid/90865 JVN#17535578 http://jvn.jp/en/jp/JVN17535578/index.html JVNDB-2017-000066 http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 https://support.cybozu.com/ja-jp/article/9735 Common Vulnerability Exposure (CVE) ID: CVE-2016-4483 BugTraq ID: 90013 http://www.securityfocus.com/bid/90013 http://www.debian.org/security/2016/dsa-3593 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E http://www.openwall.com/lists/oss-security/2016/05/03/8 http://www.openwall.com/lists/oss-security/2016/05/04/7 http://www.openwall.com/lists/oss-security/2016/06/07/4 http://www.openwall.com/lists/oss-security/2016/06/07/5
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.