HP IceWall Federation Agent 3.0

CPE Details

HP IceWall Federation Agent 3.0
hp
icewall_federation_agent
3.0
2016-06-29
16h16 +00:00
2016-06-29
16h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*

Informations

Vendor

hp

Product

icewall_federation_agent

Version

3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-9597 2018-07-30 12h00 +00:00 It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
7.5
High
CVE-2017-8945 2018-02-15 22h00 +00:00 A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Federation Agent version 3.0 was found.
6.1
Medium
CVE-2016-6306 2016-09-25 22h00 +00:00 The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
5.9
Medium
CVE-2016-2182 2016-09-15 22h00 +00:00 The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
9.8
Critical
CVE-2016-4447 2016-06-09 14h00 +00:00 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
7.5
High
CVE-2016-4448 2016-06-09 14h00 +00:00 Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
9.8
Critical
CVE-2016-3627 2016-05-17 12h00 +00:00 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
7.5
High
CVE-2016-3705 2016-05-17 12h00 +00:00 The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
7.5
High
CVE-2015-5312 2015-12-15 20h00 +00:00 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
7.1
CVE-2015-7497 2015-12-15 20h00 +00:00 Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
5
CVE-2015-7498 2015-12-15 20h00 +00:00 Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
5
CVE-2015-7499 2015-12-15 20h00 +00:00 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
5
CVE-2015-7500 2015-12-15 20h00 +00:00 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
5
CVE-2015-8241 2015-12-15 20h00 +00:00 The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
6.4
CVE-2015-8242 2015-12-15 20h00 +00:00 The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
5.8
CVE-2015-8317 2015-12-15 20h00 +00:00 The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
5
CVE-2015-7942 2015-11-18 15h00 +00:00 The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
6.8