[go: up one dir, main page]
|
|
Log in / Subscribe / Register

libxalan2-java: information disclosure/code execution

Package(s):libxalan2-java CVE #(s):CVE-2014-0107
Created:March 27, 2014 Updated:April 4, 2016
Description: From the Debian advisory:

Nicolas Gregoire discovered several vulnerabilities in libxalan2-java, a Java library for XSLT processing. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution.

Alerts:
Gentoo 201604-02 xalan 2016-04-02
openSUSE openSUSE-SU-2014:0948-1 xalan-j2 2014-07-30
SUSE SUSE-SU-2014:0870-1 xalan-j2 2014-07-04
openSUSE openSUSE-SU-2014:0861-1 xalan-j2 2014-07-01
Ubuntu USN-2218-1 libxalan2-java 2014-05-21
Fedora FEDORA-2014-4426 xalan-j2 2014-04-05
Fedora FEDORA-2014-4443 xalan-j2 2014-04-05
Mageia MGASA-2014-0152 xalan-j2 2014-04-03
Scientific Linux SLSA-2014:0348-1 xalan-j2 2014-04-01
Oracle ELSA-2014-0348 xalan-j2 2014-04-01
Oracle ELSA-2014-0348 xalan-j2 2014-04-01
CentOS CESA-2014:0348 xalan-j2 2014-04-02
CentOS CESA-2014:0348 xalan-j2 2014-04-02
Red Hat RHSA-2014:0348-01 xalan-j2 2014-04-01
Debian DSA-2886-1 libxalan2-java 2014-03-26
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds