CVE-2016-1838: The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS…

CVE-2015-8806 [HIGH] libxml2 vulnerabilities Title: libxml2 vulnerabilities Summary: Several security issues were fixed in libxml2. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malfo

CVE-2016-1838 [MEDIUM] CWE-122 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix Package: libxml2 (Red Hat JBoss Enterprise Web Server 3) - Affected

CVE-2016-1838 [MEDIUM] CVE-2016-1838: libxml2 - The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used ... The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Scope: local bookworm: resolved (fixed in 2.9.3+dfsg1-1.1) bullseye: resolved (fixed in 2.9.3+dfsg1-1.1) forky: resolved (fixed in 2.9.3+dfsg1-1.1) sid: resolved (fixed in 2.9.3+dfsg1-1.1) trixie: resolved (fixed in 2.9.3+dfsg1-1.1)

CVE-2016-1838 [MEDIUM] CVE-2016-1838: tvOS 9.2.1 Apple Security Update: About the security content of tvOS 9.2.1 Product: tvOS Version: 9.2.1 CVE: CVE-2016-1838 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1838 [MEDIUM] CVE-2016-1838: watchOS 2.2.1 Apple Security Update: About the security content of watchOS 2.2.1 Product: watchOS Version: 2.2.1 CVE: CVE-2016-1838 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1838 [MEDIUM] CVE-2016-1838: OS X El Capitan v10.11.5 and Security Update 2016-003 Apple Security Update: About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 Product: OS X El Capitan v10.11.5 and Security Update 2016-003 CVE: CVE-2016-1838 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1838 [MEDIUM] CVE-2016-1838: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1838 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1838 [MEDIUM] CWE-125 GHSA-ppp9-jxhf-2xj3: The xmlPArserPrintFileContextInternal function in libxml2 before 2 The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

CVE-2000-1134 [HIGH] namei: allow restricted O_CREAT of FIFOs and regular files namei: allow restricted O_CREAT of FIFOs and regular files Disallows open of FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder. This protection can be turned on and off separately for FIFOs and regular files via sysctl, just like the symlinks/hardlinks protection. This patch is based on Openwall's "HARDEN_FIFO" feature by Solar Designer. This is a brief list of old vulnerabilities that could have been prevented by this feature, some of them even allow for privilege escalation: CVE-2000-1134 CVE-2007-3852 CVE-2008-0525 CVE-2009-0416 CVE-2011-4834 CVE-2015-1838 CVE-2015-7442 CVE-2016-7489 This list is no

CVE-2015-8806 [HIGH] libxml2 vulnerabilities libxml2 vulnerabilities It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into

CVE-2016-1838 [MEDIUM] CVE-2016-1838: The xmlPArserPrintFileContextInternal function in libxml2 before 2 The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

CVE-2016-7851 [MEDIUM] Adobe Connect 9.5.7 - Cross-Site Scripting Adobe Connect 9.5.7 - Cross-Site Scripting --- Document Title: Adobe Connect & Desktop v9.5.7 - Persistent Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1838 Security ID: PSIRT-5180 Bulletin: https://helpx.adobe.com/security/products/connect/apsb16-35.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7851 Public News Article: http://www.securityweek.com/adobe-patches-9-flash-player-flaws-reported-zdi CVE-ID: CVE-2016-7851 Release Date: 2016-11-09 Vulnerability Laboratory ID (VL-ID): 1838 Common Vulnerability Scoring System: 3.7 Product & Service Introduction: Whether it is a smartphone or tablet app, a game, a video, a digital magazine, a website, or an online experience, chances are that it was touched by Adobe technol

CVE-2016-1838 libxml2 - xmlParserPrintFileContextInternal Heap Buffer Overread libxml2 - xmlParserPrintFileContextInternal Heap Buffer Overread --- Source: https://code.google.com/p/google-security-research/issues/detail?id=639 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint ("$ ./xmllint /path/to/file"): --- cut --- ==4210==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6290000051ff at pc 0x000000533c8f bp 0x7ffdb38c4830 sp 0x7ffdb38c4828 READ of size 1 at 0x6290000051ff thread T0 #0 0x533c8e in xmlParserPrintFileContextInternal libxml2-2.9.3/error.c:192:6 #1 0x54088a in xmlReportError libxml2-2.9.3/error.c:406:9 #2 0x53884f in __xmlRaiseError libxml2-2.9.3/error.c:633:2 #3 0x56f0ec in xmlFatalErr libxml2-2.

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention t

CVE-2016-1838 [MEDIUM] CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal A vulnerability was found in the libxml2 library. A heap-based buffer overread could happen in xmlParserPrintFileContextInternal References: https://bugzilla.gnome.org/show_bug.cgi?id=758588 Upstream fix: https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9 Discussion: This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 --- Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1349794] --- Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1349795] --- This issue has been addressed in t

[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization ShadowBound [1]blue#1 : Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization -10pt Zheng Yu Northwestern University Ganxiang Yang Northwestern University Xinyu Xing Northwestern University ### Abstract In software development, the prevalence of unsafe languages such as C and C++ introduces potential vulnerabilities, especially within the heap, a pivotal component for dynamic memory allocation. Despite its significance, heap management complexities have made heap corruption pervasive, posing severe threats to system security. While prior solutions aiming for temporal and spatial memory safety exhibit overheads deemed impractical, we present , a unique heap memory protection design. At its core, is an efficient out-of-bounds defe