CVE-2016-1684
Published 2016-06-05
High · 7.5 · CVSS 3.0
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | icloud_for_windows | — | — |
| apple | ios | — | — |
| apple | itunes_12.4.2_for_windows | — | — |
| apple | os_x_el_capitan_v10.11.6_and_security_update_2016-004 | — | — |
| apple | tvos | — | — |
| apple | watchos | — | — |
| debian | libxslt | < libxslt 1.1.29-1 (bookworm) | libxslt 1.1.29-1 (bookworm) |
| google | chrome | <= 50.0.2661.102 | — |
| xmlsoft | libxslt | <= 1.1.28 | — |
| xmlsoft | libxslt | >= 0 < 1.1.29-1 | 1.1.29-1 |
| xmlsoft | libxslt | >= 0 < 1.1.29-1 | 1.1.29-1 |
| xmlsoft | libxslt | >= 0 < 1.1.29-1 | 1.1.29-1 |
| xmlsoft | libxslt | >= 0 < 1.1.29-1 | 1.1.29-1 |
| xmlsoft | libxslt | >= 0 < 1.1.28-2ubuntu0.1 | 1.1.28-2ubuntu0.1 |
| xmlsoft | libxslt | >= 0 < 1.1.28-2.1ubuntu0.1 | 1.1.28-2.1ubuntu0.1 |
CVSS provenance
nvd · v3.0 · 7.5 HIGH · CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
osv · 8.8 HIGH
Ubuntu
Libxslt vulnerabilities
vendor_ubuntu·2017-04-28·CVSS 5.0
CVE-2015-7995 [MEDIUM] Libxslt vulnerabilities
Title: Libxslt vulnerabilities
Summary: Several security issues were fixed in Libxslt.
Holger Fuhrmannek discovered an integer overflow in the
xsltAddTextString() function in Libxslt. An attacker could use
this to craft a malicious document that, when opened, could cause a
denial of service (application crash) or possibly execute arbitrary
code. (CVE-2017-5029)
Nicolas Gregoire discovered that Libxslt mishandled namespace
nodes. An attacker could use this to craft a malicious document that,
when opened, could cause a denial of service (application crash)
or possibly execute arbitrary code. This issue only affected Ubuntu
16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-1683)
Sebastian Apelt discovered that a use-after-error existed in the
xsltDocumentFunctionLoadDocument() f
Apple
CVE-2016-1684: watchOS 2.2.2
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: watchOS 2.2.2
Apple Security Update: About the security content of watchOS 2.2.2
Product: watchOS
Version: 2.2.2
CVE: CVE-2016-1684
Component: Libc
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.
Apple
CVE-2016-1684: iTunes 12.4.2 for Windows
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: iTunes 12.4.2 for Windows
Apple Security Update: About the security content of iTunes 12.4.2 for Windows
Product: iTunes 12.4.2 for Windows
CVE: CVE-2016-1684
Component: About Apple security updates
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-1684: iCloud for Windows 5.2.1
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: iCloud for Windows 5.2.1
Apple Security Update: About the security content of iCloud for Windows 5.2.1
Product: iCloud for Windows
Version: 5.2.1
CVE: CVE-2016-1684
Component: About Apple security updates
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed through improved memory handling.
Apple
CVE-2016-1684: tvOS 9.2.2
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: tvOS 9.2.2
Apple Security Update: About the security content of tvOS 9.2.2
Product: tvOS
Version: 9.2.2
CVE: CVE-2016-1684
Component: Kernel
Impact: A local user may be able to cause a system denial of service
Description: A null pointer dereference was addressed through improved input validation.
Apple
CVE-2016-1684: iOS 9.3.3
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: iOS 9.3.3
Apple Security Update: About the security content of iOS 9.3.3
Product: iOS
Version: 9.3.3
CVE: CVE-2016-1684
Component: Libc
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.
Apple
CVE-2016-1684: OS X El Capitan v10.11.6 and Security Update 2016-004
vendor_apple·2016-07-18·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: OS X El Capitan v10.11.6 and Security Update 2016-004
Apple Security Update: About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004
Product: OS X El Capitan v10.11.6 and Security Update 2016-004
CVE: CVE-2016-1684
Component: LibreSSL
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7.
Ubuntu
Oxide vulnerabilities
vendor_ubuntu·2016-06-06·CVSS 8.8
CVE-2016-1673 [HIGH] Oxide vulnerabilities
Title: Oxide vulnerabilities
Summary: Several security issues were fixed in Oxide.
An unspecified security issue was discovered in Blink. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit this to bypass same-origin restrictions.
(CVE-2016-1673)
An issue was discovered with Document reattachment in Blink in some
circumstances. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to bypass same-origin
restrictions. (CVE-2016-1675)
A type confusion bug was discovered in V8. If a user were tricked into
opening a specially crafted website, an attacker could potentially exploit
this to obtain sensitive information. (CVE-2016-1677)
A heap overflow was discovered in V8. If a user wer
Red Hat
chromium-browser: integer overflow in libxslt
vendor_redhat·2016-05-25·CVSS 7.5
CVE-2016-1684 [HIGH] chromium-browser: integer overflow in libxslt
chromium-browser: integer overflow in libxslt
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
Package: libxslt (Red Hat Enterprise Linux 5) - Will not fix
Package: libxslt (Red Hat Enterprise Linux 6) - Will not fix
Package: libxslt (Red Hat Enterprise Linux 7) - Will not fix
Package: libxslt (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Will not fix
Package: libxslt (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)) - Will not fix
Package: libxslt (Red Hat Gluster Storage 3.1) - Will not fix
Package: libxslt (Red Hat
Debian
CVE-2016-1684: libxslt - numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63...
vendor_debian·2016·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: libxslt - numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63...
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
Scope: local
bookworm: resolved (fixed in 1.1.29-1)
bullseye: resolved (fixed in 1.1.29-1)
forky: resolved (fixed in 1.1.29-1)
sid: resolved (fixed in 1.1.29-1)
trixie: resolved (fixed in 1.1.29-1)
GHSA
GHSA-872f-6g3v-r884: numbers
ghsa_unreviewed·2022-05-17
CVE-2016-1684 [HIGH] GHSA-872f-6g3v-r884: numbers
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
OSV
libxslt vulnerabilities
osv·2017-04-28·CVSS 5.0
CVE-2017-5029 [MEDIUM] libxslt vulnerabilities
libxslt vulnerabilities
Holger Fuhrmannek discovered an integer overflow in the
xsltAddTextString() function in Libxslt. An attacker could use
this to craft a malicious document that, when opened, could cause a
denial of service (application crash) or possibly execute arbitrary
code. (CVE-2017-5029)
Nicolas Gregoire discovered that Libxslt mishandled namespace
nodes. An attacker could use this to craft a malicious document that,
when opened, could cause a denial of service (application crash)
or possibly execute arbitrary code. This issue only affected Ubuntu
16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. (CVE-2016-1683)
Sebastian Apelt discovered that a use-after-error existed in the
xsltDocumentFunctionLoadDocument() function in Libxslt. An attacker
could use this to craft a malici
OSV
oxide-qt vulnerabilities
osv·2016-06-06·CVSS 8.8
CVE-2016-1673 [HIGH] oxide-qt vulnerabilities
oxide-qt vulnerabilities
An unspecified security issue was discovered in Blink. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit this to bypass same-origin restrictions.
(CVE-2016-1673)
An issue was discovered with Document reattachment in Blink in some
circumstances. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to bypass same-origin
restrictions. (CVE-2016-1675)
A type confusion bug was discovered in V8. If a user were tricked into
opening a specially crafted website, an attacker could potentially exploit
this to obtain sensitive information. (CVE-2016-1677)
A heap overflow was discovered in V8. If a user were tricked into opening
a specially crafted website, an att
OSV
CVE-2016-1684: numbers
osv·2016-06-05·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684: numbers
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [epel-7]
bugzilla·2016-06-24·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [epel-7]
CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
[bug automatically created by: add-tracking-bugs]
Bugzilla
CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [fedora-all]
bugzilla·2016-06-24·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [fedora-all]
CVE-2016-1684 CVE-2016-1683 mingw-libxslt: various flaws in libxslt [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2016-1683 CVE-2016-1684 libxslt: various flaws [fedora-all]
bugzilla·2016-06-24·CVSS 7.5
CVE-2016-1683 [HIGH] CVE-2016-1683 CVE-2016-1684 libxslt: various flaws [fedora-all]
CVE-2016-1683 CVE-2016-1684 libxslt: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While
Bugzilla
CVE-2016-1684 chromium-browser: integer overflow in libxslt
bugzilla·2016-05-26·CVSS 7.5
CVE-2016-1684 [HIGH] CVE-2016-1684 chromium-browser: integer overflow in libxslt
CVE-2016-1684 chromium-browser: integer overflow in libxslt
An integer overflow flaw was found in the libxslt component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=583171
External References:
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1190 https://access.redhat.com/errata/RHSA-2016:1190
---
Upstream commit:
https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
---
Created libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1349705]
---
Created mingw-libxslt tracking bugs for this issue:
Affects: fedora-all [bug 1349706]
References
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
http://www.debian.org/security/2016/dsa-3590
http://www.debian.org/security/2016/dsa-3605
http://www.securityfocus.com/bid/90876
http://www.securitytracker.com/id/1035981
http://www.ubuntu.com/usn/USN-2992-1
https://access.redhat.com/errata/RHSA-2016:1190
https://bugzilla.redhat.com/show_bug.cgi?id=1340017
https://crbug.com/583171
https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
https://security.gentoo.org/glsa/201607-07
https://support.apple.com/HT206899
https://support.apple.com/HT206901
https://support.apple.com/HT206902
https://support.apple.com/HT206903
https://support.apple.com/HT206904
https://support.apple.com/HT206905
2016-06-05
Published