what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 6 of 6

CVE-2016-4738

Status Candidate

Overview

libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Related Files

Ubuntu Security Notice USN-3271-1: Posted Apr 27, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3271-1 - Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service or possible execute arbitrary code. Nicolas Gregoire discovered that Libxslt mishandled namespace nodes. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. Various other issues were also addressed.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2015-7995, CVE-2016-1683, CVE-2016-1684, CVE-2016-1841, CVE-2016-4738, CVE-2017-5029; SHA-256 | 5b9baa4caca5baf512247834862d3d2f28d5caca515396d8ef5d295c535b59b1; Download | Favorite | View

Gentoo Linux Security Advisory 201804-01: Posted Apr 3, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201804-1 - Multiple vulnerabilities were discovered in libxslt, the worst of which may allow a remote attacker to execute arbitrary code. Versions less than 1.1.30 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2016-4738, CVE-2017-5029; SHA-256 | d1879b034e5fc47ed24dc480f47c4e7a0c8ee1432d5e5748e9cd53782da9a161; Download | Favorite | View

Debian Security Advisory 3709-1: Posted Nov 10, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3709-1 - Nick Wellnhofer discovered that the xsltFormatNumberConversion function in libxslt, an XSLT processing runtime library, does not properly check for a zero byte terminating the pattern string. This flaw can be exploited to leak a couple of bytes after the buffer that holds the pattern string.; tags | advisory; systems | linux, debian; advisories | CVE-2016-4738; SHA-256 | e9f4c5e8f4ffec25cedcc9f8673de95787a9afacc9fb00ca49b177c338e35ae4; Download | Favorite | View

Apple Security Advisory 2016-09-20-6: Posted Sep 20, 2016; Authored by Apple | Site apple.com; Apple Security Advisory 2016-09-20-6 - The tvOS 10 advisory has been released to describe issues relating to memory corruption, code execution, and more.; tags | advisory, code execution; systems | apple; advisories | CVE-2016-4611, CVE-2016-4658, CVE-2016-4702, CVE-2016-4708, CVE-2016-4712, CVE-2016-4718, CVE-2016-4725, CVE-2016-4726, CVE-2016-4728, CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4738, CVE-2016-4753, CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4775, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778; SHA-256 | ab45f96469bc940b0ae9cf0757fe1cbccc4121a9a24ef6478e6e25e9f26ebe40; Download | Favorite | View

Apple Security Advisory 2016-09-20-3: Posted Sep 20, 2016; Authored by Apple | Site apple.com; Apple Security Advisory 2016-09-20-3 - The iOS 10 advisory has been updated to include additional findings. These relate to code execution and more.; tags | advisory, code execution; systems | cisco, apple, ios; advisories | CVE-2016-4611, CVE-2016-4618, CVE-2016-4620, CVE-2016-4658, CVE-2016-4698, CVE-2016-4702, CVE-2016-4707, CVE-2016-4708, CVE-2016-4711, CVE-2016-4712, CVE-2016-4718, CVE-2016-4719, CVE-2016-4722, CVE-2016-4724, CVE-2016-4725, CVE-2016-4726, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4738, CVE-2016-4740, CVE-2016-4741, CVE-2016-4746; SHA-256 | d7c5222827e5b762f68b16f83c6d5772f01a5ec22554d1e95d15cfb70a475b92; Download | Favorite | View

Apple Security Advisory 2016-09-20-5: Posted Sep 20, 2016; Authored by Apple | Site apple.com; Apple Security Advisory 2016-09-20-5 - The watchOS 3 advisory has been updated to include issues with memory corruption, code execution, and more.; tags | advisory, code execution; systems | apple; advisories | CVE-2016-4658, CVE-2016-4702, CVE-2016-4708, CVE-2016-4712, CVE-2016-4718, CVE-2016-4719, CVE-2016-4725, CVE-2016-4726, CVE-2016-4737, CVE-2016-4738, CVE-2016-4753, CVE-2016-4772, CVE-2016-4773, CVE-2016-4774, CVE-2016-4775, CVE-2016-4776, CVE-2016-4777, CVE-2016-4778, CVE-2016-5131; SHA-256 | b4178122754562f16bede517a37955bd8c45cf983af2709534a5d5f5758d03bf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 297 files
Ubuntu 69 files
Debian 20 files
Gentoo 8 files
Apple 6 files
Google Security Research 4 files
LiquidWorm 4 files
Spencer McIntyre 3 files
Alter Prime 3 files
Jann Horn 3 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec