Executive Summary
Summary | |
---|---|
Title | libxml2 vulnerability |
Informations | |||
---|---|---|---|
Name | USN-3504-2 | First vendor Publication | 2017-12-05 |
Vendor | Ubuntu | Last vendor Modification | 2017-12-05 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: curl could be made to crash if it received specially crafted input. Software Description: - libxml2: GNOME XML library Details: USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: テつ Wei Lei discovered that libxml2 incorrecty handled certain parameter テつ entities. An attacker could use this issue with specially constructed テつ XML data to cause libxml2 to consume resources, leading to a denial of テつ service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: テつ libxml2テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ 2.7.8.dfsg-5.1ubuntu4.19 テつ libxml2-utilsテつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ 2.7.8.dfsg-5.1ubuntu4.19 テつ python-libxml2テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ 2.7.8.dfsg-5.1ubuntu4.19 In general, a standard system update will make all the necessary changes. References: テつ https://www.ubuntu.com/usn/usn-3504-2 テつ https://www.ubuntu.com/usn/usn-3504-1 テつ CVE-2017-16932 |
Original Source
Url : http://www.ubuntu.com/usn/USN-3504-2 |
CPE : Common Platform Enumeration
Nessusツョ Vulnerability Scanner
Date | Description |
---|---|
2018-09-18 | Name : The remote EulerOS Virtualization host is missing multiple security updates. File : EulerOS_SA-2018-1257.nasl - Type : ACT_GATHER_INFO |
2018-09-18 | Name : The remote EulerOS Virtualization host is missing multiple security updates. File : EulerOS_SA-2018-1258.nasl - Type : ACT_GATHER_INFO |
2018-08-03 | Name : The antivirus service running on the remote host is affected by multiple vuln... File : clamav_0_100_1.nasl - Type : ACT_GATHER_INFO |
2018-07-10 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d1e9d8c5839b11e896109c5c8e75236a.nasl - Type : ACT_GATHER_INFO |
2018-06-28 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1156.nasl - Type : ACT_GATHER_INFO |
2018-05-02 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1088.nasl - Type : ACT_GATHER_INFO |
2018-05-02 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1089.nasl - Type : ACT_GATHER_INFO |
2017-12-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-3504-1.nasl - Type : ACT_GATHER_INFO |
2017-12-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-1194.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-12-06 22:58:48 |
|
2017-12-05 17:21:15 |
|