Test ID:	1.3.6.1.4.1.25623.1.0.842535
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2812-1)
Summary:	The remote host is missing an update for the 'libxml2' package(s) announced via the USN-2812-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the USN-2812-1 advisory. Vulnerability Insight: Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-1819) Michal Zalewski discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-7941) Kostya Serebryany discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7942) Gustavo Grieco discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-8035) Affected Software/OS: 'libxml2' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 15.04, Ubuntu 15.10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1819 1034243 http://www.securitytracker.com/id/1034243 75570 http://www.securityfocus.com/bid/75570 APPLE-SA-2016-03-21-1 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html APPLE-SA-2016-03-21-2 http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html APPLE-SA-2016-03-21-3 http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html APPLE-SA-2016-03-21-5 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html DSA-3430 http://www.debian.org/security/2015/dsa-3430 FEDORA-2015-037f844d3e http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html FEDORA-2015-c24af963a2 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html GLSA-201507-08 https://security.gentoo.org/glsa/201507-08 GLSA-201701-37 https://security.gentoo.org/glsa/201701-37 RHSA-2015:1419 http://rhn.redhat.com/errata/RHSA-2015-1419.html RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html USN-2812-1 http://www.ubuntu.com/usn/USN-2812-1 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://support.apple.com/HT206168 https://support.apple.com/HT206169 openSUSE-SU-2015:2372 http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html openSUSE-SU-2016:0106 http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7941 BugTraq ID: 74241 http://www.securityfocus.com/bid/74241 Debian Security Information: DSA-3430 (Google Search) http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html HPdes Security Advisory: HPSBGN03537 http://marc.info/?l=bugtraq&m=145382616617563&w=2 http://www.openwall.com/lists/oss-security/2015/10/22/5 http://www.openwall.com/lists/oss-security/2015/10/22/8 RedHat Security Advisories: RHSA-2015:2549 http://rhn.redhat.com/errata/RHSA-2015-2549.html RedHat Security Advisories: RHSA-2015:2550 RedHat Security Advisories: RHSA-2016:1089 http://rhn.redhat.com/errata/RHSA-2016-1089.html SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search) SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2015-7942 BugTraq ID: 79507 http://www.securityfocus.com/bid/79507 Common Vulnerability Exposure (CVE) ID: CVE-2015-8035 BugTraq ID: 77390 http://www.securityfocus.com/bid/77390 http://www.openwall.com/lists/oss-security/2015/11/02/2 http://www.openwall.com/lists/oss-security/2015/11/02/4 http://www.openwall.com/lists/oss-security/2015/11/03/1
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.