CVE-2016-1840: Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before…

CVE-2015-8806 [HIGH] libxml2 vulnerabilities Title: libxml2 vulnerabilities Summary: Several security issues were fixed in libxml2. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malfo

CVE-2016-1840 [HIGH] CWE-122 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix Package: libxml2 (Red Hat JBoss Enterprise Web Server 3) - Affected

CVE-2016-1840 [HIGH] CVE-2016-1840: libxml2 - Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 bef... Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Scope: local bookworm: resolved (fixed in 2.9.3+dfsg1-1.1) bullseye: resolved (fixed in 2.9.3+dfsg1-1.1) forky: resolved (fixed in 2.9.3+dfsg1-1.1) sid: resolved (fixed in 2.9.3+dfsg1-1.1) trixie: resolved (fixed in 2.9.3+dfsg1-1.1)

CVE-2016-1840 [HIGH] CVE-2016-1840: watchOS 2.2.1 Apple Security Update: About the security content of watchOS 2.2.1 Product: watchOS Version: 2.2.1 CVE: CVE-2016-1840 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1840 [HIGH] CVE-2016-1840: tvOS 9.2.1 Apple Security Update: About the security content of tvOS 9.2.1 Product: tvOS Version: 9.2.1 CVE: CVE-2016-1840 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1840 [HIGH] CVE-2016-1840: OS X El Capitan v10.11.5 and Security Update 2016-003 Apple Security Update: About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 Product: OS X El Capitan v10.11.5 and Security Update 2016-003 CVE: CVE-2016-1840 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1840 [HIGH] CVE-2016-1840: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1840 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1840 [HIGH] CWE-119 GHSA-7v3g-4pq5-c565: Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2 Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

CVE-2015-8806 [HIGH] libxml2 vulnerabilities libxml2 vulnerabilities It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into

CVE-2016-1840 [HIGH] CVE-2016-1840: Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2 Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention t

CVE-2016-1840 [HIGH] CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup A vulnerability was found in the libxml2 library. A heap-buffer overflow could happen in xmlFAParsePosCharGroup References: https://bugzilla.gnome.org/show_bug.cgi?id=757711 Upstream fix: https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4 Discussion: This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 --- Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1349794] --- Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1349795] --- This issue has been addressed in the following products: Via RHSA

[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man