CVE-2012-6702 – Resolve troublesome internal call to srand that
was introduced with Expat 2.1.0 when addressing CVE-2012-0876
(issue #496)
CVE-2016-5300 – Use more entropy for hash initialization than the
original fix to CVE-2012-0876.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchexpat< 2.1.1_1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	expat	< 2.1.1_1	UNKNOWN

References

www.openwall.com/lists/oss-security/2016/03/18/3

sourceforge.net/p/expat/code_git/ci/07cc2fcacf81b32b2e06aa918df51756525240c0/

nessus 50

openvas 60

osv 5

archlinux 2

debian 4

mageia 1

ubuntucve 3

ibm 19

ubuntu 4

debiancve 3

alpinelinux 2

cloudfoundry 1

redhatcve 1

cve 3

f5 6

veracode 4

prion 3

fedora 6

slackware 2

gentoo 2

freebsd 2

centos 1

securityvulns 3

oraclelinux 3

redhat 3

amazon 1

apple 4

vmware 1

nessus

openSUSE Security Update : expat (openSUSE-2017-260)

2017-02-21 00:00:00

Debian DLA-508-1 : expat security update

2016-06-09 00:00:00

SUSE SLES11 Security Update : expat (SUSE-SU-2017:0415-1)

2017-02-08 00:00:00

openvas

Debian Security Advisory DSA 3597-1 (expat - security update)

2016-06-07 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:0424-1)

2021-04-19 00:00:00

Debian: Security Advisory (DSA-3597-1)

2016-06-06 00:00:00

osv

expat - security update

2016-06-07 00:00:00

expat - security update

2016-06-08 00:00:00

CVE-2016-5300

2016-06-16 18:59:00

archlinux

expat: multiple issues

2016-06-13 00:00:00

lib32-expat: multiple issues

2016-06-13 00:00:00

debian

[SECURITY] [DLA 508-1] expat security update

2016-06-08 09:29:13

[SECURITY] [DSA 3597-1] expat security update

2016-06-07 16:44:57

[SECURITY] [DSA 3597-1] expat security update

2016-06-07 16:44:57

mageia

Updated expat packages fix security vulnerabilities

2016-06-17 08:58:14

ubuntucve

CVE-2016-5300

2016-06-06 00:00:00

CVE-2012-6702

2012-12-31 00:00:00

CVE-2012-0876

2012-07-03 00:00:00

ibm

Security Bulletin: Vulnerabilities in Expat affect Intel (R) Manycore Platform Software Stack (MPSS) for Linux and Windows

2019-01-31 02:25:02

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in expat (CVE-2012-6702 CVE-2016-5300).

2019-01-31 02:25:02

Security Bulletin: A vulnerability in the agent core framework affects IBM Performance Management products

2018-06-17 15:40:54

ubuntu

Expat vulnerabilities

2016-06-20 00:00:00

XML-RPC for C and C++ vulnerabilities

2016-06-20 00:00:00

XML-RPC for C and C++ vulnerabilities

2012-09-10 00:00:00

debiancve

CVE-2016-5300

2016-06-16 18:59:00

CVE-2012-6702

2016-06-16 18:59:00

CVE-2012-0876

2012-07-03 19:55:00

alpinelinux

CVE-2016-5300

2016-06-16 18:59:00

CVE-2012-6702

2016-06-16 18:59:00

cloudfoundry

USN-3010-1 Expat vulnerabilities | Cloud Foundry

2016-07-13 00:00:00

redhatcve

CVE-2016-5300

2016-06-06 13:18:38

cve

CVE-2016-5300

2016-06-16 18:59:00

CVE-2012-6702

2016-06-16 18:59:00

CVE-2012-0876

2012-07-03 19:55:00

K70938105 : Expat XML library vulnerability CVE-2016-5300

2016-10-26 00:00:00

SOL70938105 - Expat XML library vulnerability CVE-2016-5300

2016-10-26 00:00:00

SOL65460334 - Expat XML parser vulnerability CVE-2012-6702

2016-09-06 00:00:00

veracode

Denial Of Service (DoS)

2017-02-01 06:06:40

Weak Cryptographic Protection

2016-06-08 07:23:46

Denial Of Service (DoS)

2019-01-15 08:52:02

prion

Code injection

2016-06-16 18:59:00

Design/Logic Flaw

2016-06-16 18:59:00

Code injection

2012-07-03 19:55:00

fedora

[SECURITY] Fedora 23 Update: expat-2.1.1-2.fc23

2016-06-19 07:27:54

[SECURITY] Fedora 24 Update: expat-2.1.1-2.fc24

2016-06-21 19:27:49

[SECURITY] Fedora 22 Update: expat-2.1.1-2.fc22

2016-07-12 02:27:38

slackware

[slackware-security] expat

2016-12-24 19:24:21

[slackware-security] python

2018-05-04 20:53:50

gentoo

Expat: Multiple vulnerabilities

2017-01-11 00:00:00

Expat: Multiple vulnerabilities

2012-09-24 00:00:00

freebsd

Python 2.7 -- multiple vulnerabilities

2017-08-26 00:00:00

python 2.7 -- multiple vulnerabilities

2018-05-01 00:00:00

centos

expat security update

2012-06-13 17:07:10

securityvulns

expat security vulnerability

2012-04-02 00:00:00

[ MDVSA-2012:041 ] expat

2012-04-02 00:00:00

[ MDVSA-2012:096-1 ] python

2012-07-09 00:00:00

oraclelinux

expat security update

2012-06-13 00:00:00

python security update

2012-06-18 00:00:00

python security update

2012-06-18 00:00:00

redhat

(RHSA-2012:0731) Moderate: expat security update

2012-06-13 00:00:00

(RHSA-2016:0062) Moderate: Red Hat JBoss Web Server 2.1.0 security update

2016-01-21 15:45:11

(RHSA-2017:3239) Important: Red Hat JBoss Enterprise Application Platform 6.4.18 security update

2017-11-16 19:09:33

amazon

Medium: expat

2012-06-19 15:59:00

apple

About the security content of iTunes 12.6 - Apple Support

2017-03-22 07:40:40

About the security content of iTunes 12.6

2017-03-21 00:00:00

About the security content of iTunes 12.6 for Windows

2017-03-21 00:00:00

vmware

VMware security updates for vSphere API and ESX Service Console

2012-11-15 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for C9C252F5-2DEF-11E6-AE88-002590263BF5