Red Hat Local Security Checks : RedHat Update for xerces-c RHSA-2015:1193-01

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871384

Categoría: Red Hat Local Security Checks

Título: RedHat Update for xerces-c RHSA-2015:1193-01

Resumen: The remote host is missing an update for the 'xerces-c'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'xerces-c'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Xerces-C is a validating XML parser written in a portable subset of C++.

A flaw was found in the way the Xerces-C XML parser processed certain XML
documents. A remote attacker could provide specially crafted XML input
that, when parsed by an application using Xerces-C, would cause that
application to crash. (CVE-2015-0252)

All xerces-c users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.

Affected Software/OS:
xerces-c on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-0252
BugTraq ID: 73252
http://www.securityfocus.com/bid/73252
Debian Security Information: DSA-3199 (Google Search)
http://www.debian.org/security/2015/dsa-3199
https://www.exploit-db.com/exploits/36906/
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html
http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html
RedHat Security Advisories: RHSA-2015:1193
http://rhn.redhat.com/errata/RHSA-2015-1193.html
http://www.securitytracker.com/id/1032254
SuSE Security Announcement: openSUSE-SU-2016:0966 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871384
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for xerces-c RHSA-2015:1193-01
Resumen:	The remote host is missing an update for the 'xerces-c'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'xerces-c' package(s) announced via the referenced advisory. Vulnerability Insight: Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252) All xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. Affected Software/OS: xerces-c on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0252 BugTraq ID: 73252 http://www.securityfocus.com/bid/73252 Debian Security Information: DSA-3199 (Google Search) http://www.debian.org/security/2015/dsa-3199 https://www.exploit-db.com/exploits/36906/ http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:1193 http://rhn.redhat.com/errata/RHSA-2015-1193.html http://www.securitytracker.com/id/1032254 SuSE Security Announcement: openSUSE-SU-2016:0966 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html
Copyright	Copyright (C) 2015 Greenbone AG