Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2009-3720
HistoryNov 03, 2009 - 4:00 p.m.

CVE-2009-3720

2009-11-0316:00:00
redhat
www.cve.org

7 High

AI Score

Confidence

High

0.129 Low

EPSS

Percentile

95.5%

JSON

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

References

Related

openvas 92
debiancve 2
nvd 2
cve 2
nessus 61
ubuntucve 3
prion 2
ubuntu 6
slackware 1
f5 2
cvelist 1
freebsd 2
centos 2
fedora 13
veracode 1
redhat 2
httpd 1
oraclelinux 2
altlinux 2
openvas
openvas
Mandriva Security Advisory MDVSA-2009:215-1 (audacity)
2009-12-10 00:00:00
Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)
2009-12-10 00:00:00
Mandriva Security Advisory MDVSA-2009:211-1 (expat)
2009-12-10 00:00:00
debiancve
debiancve
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
nvd
nvd
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
cve
cve
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
nessus
nessus
Mandriva Linux Security Advisory : davfs (MDVSA-2009:220-1)
2009-08-25 00:00:00
Mandriva Linux Security Advisory : w3c-libwww (MDVSA-2009:218-1)
2009-08-25 00:00:00
Mandriva Linux Security Advisory : expat (MDVSA-2009:211-1)
2009-08-24 00:00:00
ubuntucve
ubuntucve
CVE-2009-2625
2009-08-06 00:00:00
CVE-2009-3720
2009-11-03 00:00:00
CVE-2009-3560
2009-12-04 00:00:00
prion
prion
Buffer overflow
2009-11-03 16:30:00
Buffer overflow
2009-12-04 21:30:00
ubuntu
ubuntu
Expat vulnerabilities
2010-01-20 00:00:00
PyXML vulnerabilities
2010-01-26 00:00:00
Python 2.5 vulnerabilities
2010-01-21 00:00:00
slackware
slackware
[slackware-security] expat
2011-02-11 01:17:08
f5
f5
K15905 : Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2015-03-16 00:00:00
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
cvelist
cvelist
CVE-2009-3560
2009-12-04 21:00:00
freebsd
freebsd
libwww -- multiple vulnerabilities
2005-10-12 00:00:00
expat2 -- Parser crash with specially formatted UTF-8 sequences
2009-01-17 00:00:00
centos
centos
4Suite security update
2009-11-10 21:28:54
PyXML security update
2010-01-04 23:32:13
fedora
fedora
[SECURITY] Fedora 10 Update: PyXML-0.8.4-12.fc10
2009-11-04 12:18:18
[SECURITY] Fedora 14 Update: libtlen-0-0.10.20060309.fc14
2010-11-23 21:54:15
[SECURITY] Fedora 15 Update: whatsup-1.12-2.fc15
2011-03-16 04:04:13
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:55:28
redhat
redhat
(RHSA-2010:0002) Moderate: PyXML security update
2010-01-04 00:00:00
(RHSA-2009:1572) Moderate: 4Suite security update
2009-11-10 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : expat DoS
2009-08-21 00:00:00
oraclelinux
oraclelinux
4Suite security update
2009-11-10 00:00:00
PyXML security update
2010-01-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt1
2010-11-24 00:00:00
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt0.M50P.1
2011-01-13 00:00:00

7 High

AI Score

Confidence

High

0.129 Low

EPSS

Percentile

95.5%

JSON
Related for CVELIST:CVE-2009-3720
openvas92debiancve2nvd2cve2nessus61ubuntucve3prion2ubuntu6slackware1f52cvelist1freebsd2centos2fedora13veracode1redhat2httpd1oraclelinux2altlinux2