Описание
ELSA-2012-0410: raptor security update (IMPORTANT)
[1.4.18-5.1]
- Fixed XML entity expansion that could lead to information disclosure (CVE-2012-0037) Resolves: rhbz#804496
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
raptor
1.4.18-5.el6_2.1
raptor-devel
1.4.18-5.el6_2.1
Oracle Linux i686
raptor
1.4.18-5.el6_2.1
raptor-devel
1.4.18-5.el6_2.1
Oracle Linux sparc64
raptor
1.4.18-5.el6_2.1
raptor-devel
1.4.18-5.el6_2.1
Связанные CVE
Связанные уязвимости
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 ...
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.