CentOS Local Security Checks : CentOS Update for xerces-c CESA-2015:1193 centos7

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882212

Categoría: CentOS Local Security Checks

Título: CentOS Update for xerces-c CESA-2015:1193 centos7

Resumen: Check the version of xerces-c

Descripción: Summary:
Check the version of xerces-c

Vulnerability Insight:
Xerces-C is a validating XML parser written
in a portable subset of C++.

A flaw was found in the way the Xerces-C XML parser processed certain XML
documents. A remote attacker could provide specially crafted XML input
that, when parsed by an application using Xerces-C, would cause that
application to crash. (CVE-2015-0252)

All xerces-c users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.

Affected Software/OS:
xerces-c on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-0252
BugTraq ID: 73252
http://www.securityfocus.com/bid/73252
Debian Security Information: DSA-3199 (Google Search)
http://www.debian.org/security/2015/dsa-3199
https://www.exploit-db.com/exploits/36906/
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html
http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html
RedHat Security Advisories: RHSA-2015:1193
http://rhn.redhat.com/errata/RHSA-2015-1193.html
http://www.securitytracker.com/id/1032254
SuSE Security Announcement: openSUSE-SU-2016:0966 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882212
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for xerces-c CESA-2015:1193 centos7
Resumen:	Check the version of xerces-c
Descripción:	Summary: Check the version of xerces-c Vulnerability Insight: Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252) All xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. Affected Software/OS: xerces-c on CentOS 7 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0252 BugTraq ID: 73252 http://www.securityfocus.com/bid/73252 Debian Security Information: DSA-3199 (Google Search) http://www.debian.org/security/2015/dsa-3199 https://www.exploit-db.com/exploits/36906/ http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html RedHat Security Advisories: RHSA-2015:1193 http://rhn.redhat.com/errata/RHSA-2015-1193.html http://www.securitytracker.com/id/1032254 SuSE Security Announcement: openSUSE-SU-2016:0966 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html
Copyright	Copyright (C) 2015 Greenbone AG