Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-1148HistoryJul 03, 2012 - 7:55 p.m.
CVE-2012-1148
2012-07-0319:55:00
Debian Security Bug Tracker
security-tracker.debian.org
11
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.6%
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | expat | < 2.1.0~beta3-1 | expat_2.1.0~beta3-1_all.deb |
| Debian | 11 | all | expat | < 2.1.0~beta3-1 | expat_2.1.0~beta3-1_all.deb |
| Debian | 10 | all | expat | < 2.1.0~beta3-1 | expat_2.1.0~beta3-1_all.deb |
| Debian | 999 | all | expat | < 2.1.0~beta3-1 | expat_2.1.0~beta3-1_all.deb |
| Debian | 13 | all | expat | < 2.1.0~beta3-1 | expat_2.1.0~beta3-1_all.deb |
| Debian | 12 | all | xmlrpc-c | < 1.16.33-3.2 | xmlrpc-c_1.16.33-3.2_all.deb |
| Debian | 11 | all | xmlrpc-c | < 1.16.33-3.2 | xmlrpc-c_1.16.33-3.2_all.deb |
| Debian | 10 | all | xmlrpc-c | < 1.16.33-3.2 | xmlrpc-c_1.16.33-3.2_all.deb |
| Debian | 999 | all | xmlrpc-c | < 1.16.33-3.2 | xmlrpc-c_1.16.33-3.2_all.deb |
| Debian | 13 | all | xmlrpc-c | < 1.16.33-3.2 | xmlrpc-c_1.16.33-3.2_all.deb |
Related
cve
cve
CVE-2012-1148
2012-07-03 19:55:00
prion
prion
Memory corruption
2012-07-03 19:55:00
ubuntucve
ubuntucve
CVE-2012-1148
2012-07-03 00:00:00
openvas
openvas
Debian Security Advisory DSA 2525-1 (expat)
2012-08-10 00:00:00
CentOS Update for expat CESA-2012:0731 centos6
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-0731)
2015-10-06 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)
2012-09-11 00:00:00
RHEL 5 / 6 : expat (RHSA-2012:0731)
2012-06-14 00:00:00
Debian DSA-2525-1 : expat - several vulnerabilities
2012-08-07 00:00:00
redhat
redhat
(RHSA-2012:0731) Moderate: expat security update
2012-06-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:51
securityvulns
securityvulns
[ MDVSA-2012:041 ] expat
2012-04-02 00:00:00
expat security vulnerability
2012-04-02 00:00:00
osv
osv
expat - several
2012-08-06 00:00:00
libxmltok vulnerabilities
2022-07-19 17:11:00
ubuntu
ubuntu
Expat vulnerabilities
2012-08-10 00:00:00
XML-RPC for C and C++ vulnerabilities
2012-09-10 00:00:00
Python 2.5 vulnerabilities
2012-10-17 00:00:00
f5
f5
SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148
2015-07-10 00:00:00
K16949 : Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148
2015-07-11 00:00:00
oraclelinux
oraclelinux
expat security update
2012-06-13 00:00:00
centos
centos
expat security update
2012-06-13 17:07:10
debian
debian
[SECURITY] [DSA 2525-1] expat security update
2012-08-06 20:37:11
amazon
amazon
Medium: expat
2012-06-19 15:59:00
ibm
ibm
gentoo
gentoo
Expat: Multiple vulnerabilities
2012-09-24 00:00:00
vmware
vmware
VMware security updates for vSphere API and ESX Service Console
2012-11-15 00:00:00
apple
apple
About the security content of iTunes 12.6
2017-03-21 00:00:00
About the security content of iTunes 12.6 - Apple Support
2017-03-22 07:40:40
About the security content of iTunes 12.6 for Windows
2017-03-21 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.6%
Related for DEBIANCVE:CVE-2012-1148