Sun Management Center 4.0: Patch for Solaris 9.
Date this patch was last updated by Sun : Nov/25/09

Sun Management Center 4.0: Patch for Solaris 9_x86.
Date this patch was last updated by Sun : Nov/25/09

The remote OracleVM system is missing necessary patches to address critical security updates :

  - Add bug347316.patch to backport fix for bug#347316 from     upstream version

  - Add libxml2-enterprise.patch and update logos in tarball

  - Fix a couple of crash (CVE-2009-2414, CVE-2009-2416)

  - Resolves: rhbz#515236

  - two patches for size overflows problems (CVE-2008-4225,     CVE-2008-4226)

  - Resolves: rhbz#470474

  - Patch to fix an entity name copy buffer overflow     (CVE-2008-3529)

  - Resolves: rhbz#461023

  - Better fix for (CVE-2008-3281)

  - Resolves: rhbz#458095

  - change the patch for CVE-2008-3281 due to ABI issues

  - Resolves: rhbz#458095

  - Patch to fix recursive entities handling (CVE-2008-3281)

  - Resolves: rhbz#458095

  - Patch to fix UTF-8 decoding problem (CVE-2007-6284)

  - Resolves: rhbz#425933

SunOS 5.9: libxml, libxslt and Freeware ma.
Date this patch was last updated by Sun : May/26/11

Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and write XML and HTML files.

A heap-based buffer overflow flaw was found in the way libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code.
(CVE-2008-3529)

All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

AM 7.0: Sun Java System Access Manager 2005Q4.
Date this patch was last updated by Sun : Nov/03/10

This plugin has been deprecated and either replaced with individual 120954 patch-revision plugins, or deemed non-security related.

AM 7.0: Sun Java System Access Manager 2005Q4.
Date this patch was last updated by Sun : Nov/03/10

Sun Management Center 3.6.1: Patch for Solaris 8.
Date this patch was last updated by Sun : Nov/25/09

AM 7.0_x86: Sun Java System Access Manager 2005Q4.
Date this patch was last updated by Sun : Nov/03/10

AM 7.0_x86: Sun Java System Access Manager 2005Q4.
Date this patch was last updated by Sun : Nov/03/10

This plugin has been deprecated and either replaced with individual 120955 patch-revision plugins, or deemed non-security related.

It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2009-2414)

It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2009-2416)

USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04.

It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2008-3529).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

A heap-based buffer overflow flaw was found in the way libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code.
(CVE-2008-3529)

Sun Management Center 3.6.1_x86: Patch for Solaris 9.
Date this patch was last updated by Sun : Nov/25/09

ID	Name	Product	Family	Published	Updated	Severity
67167	Solaris 9 (sparc) : 127681-07	Nessus	Solaris Local Security Checks	7/3/2013	1/14/2021	critical
67170	Solaris 9 (x86) : 127682-07	Nessus	Solaris Local Security Checks	7/3/2013	1/14/2021	critical
79462	OracleVM 2.1 : libxml2 (OVMSA-2009-0018)	Nessus	OracleVM Local Security Checks	11/26/2014	1/14/2021	critical
13546	Solaris 9 (sparc) : 114014-28	Nessus	Solaris Local Security Checks	7/12/2004	1/14/2021	critical
34170	CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0884)	Nessus	CentOS Local Security Checks	9/12/2008	1/4/2021	critical
36756	Solaris 10 (sparc) : 120954-12 (deprecated)	Nessus	Solaris Local Security Checks	4/23/2009	1/14/2021	critical
37271	Solaris 8 (sparc) : 120954-12	Nessus	Solaris Local Security Checks	4/23/2009	1/14/2021	critical
37363	Solaris 8 (sparc) : 123920-12	Nessus	Solaris Local Security Checks	4/23/2009	1/14/2021	critical
38005	Solaris 9 (x86) : 120955-12	Nessus	Solaris Local Security Checks	4/23/2009	1/14/2021	critical
38126	Solaris 10 (x86) : 120955-12 (deprecated)	Nessus	Solaris Local Security Checks	4/23/2009	1/14/2021	critical
40576	Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : libxml2 vulnerabilities (USN-815-1)	Nessus	Ubuntu Local Security Checks	8/12/2009	1/19/2021	critical
60473	Scientific Linux Security Update : libxml2 on SL3.x, SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	8/1/2012	1/14/2021	critical
67169	Solaris 9 (x86) : 123922-11	Nessus	Solaris Local Security Checks	7/3/2013	1/14/2021	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical