oval:org.mitre.oval:def:25077

Definition Id: oval:org.mitre.oval:def:25077

Oval ID:	oval:org.mitre.oval:def:25077
Title:	SUSE-SU-2013:1654-1 -- Security update for libxslt
Description:	libxslt receives hereby a LTSS roll-up security update to fix several security issues: * CVE-2013-4520: The XSL implementation in libxslt allowed remote attackers to cause a denial of service (crash) via an invalid DTD. (addendum due to incomplete fix for CVE-2012-2825) * CVE-2012-6139: libxslt allowed remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c. * CVE-2012-2825: The XSL implementation in libxslt allowed remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. * CVE-2011-3970: libxslt allowed remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:1654-1 CVE-2013-4520 CVE-2012-2825 CVE-2012-6139 CVE-2011-3970	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	libxslt
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section libxslt RPM is earlier than 0:1.1.15-15.22.1 AND libxslt-devel RPM is earlier than 0:1.1.15-15.22.1 AND libxslt-32bit RPM is earlier than 0:1.1.15-15.22.1 AND libxslt-devel-32bit RPM is earlier than 0:1.1.15-15.22.1

Definition Id: oval:org.mitre.oval:def:1368

Oval ID:	oval:org.mitre.oval:def:1368
Title:	SUSE Linux Enterprise Server 10 is installed
Description:	SUSE Linux Enterprise Server 10 is installed.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:novell:suse_linux:10::server	Version:	6
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed
Referenced By:
oval:org.mitre.oval:def:25077