Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 16.04 LTS USN-4619-1: Dom4j Critical Denial Of Service Risk

ubuntu
Calendar Grey November 5, 2020
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-4620-1 highlights a vulnerability in OpenSSL that may lead to data leakage or remote access through compromised connections.
dom4j could be made to crash or run programs if it received a specially crafted file.

Summary

dom4j could be made to crash or run programs if it received a specially

crafted file.

Software Description:

- dom4j: Flexible XML framework for Java

Details:

Mário Areias discovered that dom4j did not properly validate XML document

elements. An attacker could exploit this with a crafted XML file to cause

dom4j to crash, resulting in a denial of service, or possibly execute

arbitrary code. (CVE-2018-1000632)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libdom4j-java                   1.6.1+dfsg.3-2ubuntu1.2

In general, a standard system update will make all the necessary changes.

References

CVE-2018-1000632

Severity
critical
Lowest
Low
Medium
High
Critical

November 05, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here