Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1953-2
HistoryDec 15, 2009 - 12:00 a.m.

expat - regression fix

2009-12-1500:00:00
Google
osv.dev
5

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Jan Lieskovsky discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.

For the oldstable distribution (etch), this problem has been fixed in
version 1.95.8-3.4+etch2.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1-4+lenny2.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be in version 2.0.1-6.

The builds for the mipsel architecture for the oldstable distribution
are not included yet. They will be released when they become available.

We recommend that you upgrade your expat packages.

Related

nessus 68
debian 5
freebsd 3
openvas 57
seebug 1
veracode 1
httpd 2
redhat 3
fedora 3
oraclelinux 1
centos 1
f5 2
ubuntu 6
osv 1
debiancve 1
slackware 2
prion 1
ubuntucve 1
cve 1
gentoo 1
kaspersky 1
apple 4
vmware 4
nessus
nessus
SuSE 11 Security Update : expat (SAT Patch Number 1765)
2011-03-17 00:00:00
SuSE 10 Security Update : expat (ZYPP Patch Number 6703)
2010-10-11 00:00:00
FreeBSD : expat2 -- buffer over-read and crash (e9fca207-e399-11de-881e-001aa0166822)
2009-12-08 00:00:00
debian
debian
[SECURITY] [DSA-1953-2] New expat packages fix regression
2009-12-31 14:15:48
[SECURITY] [DSA-1953-1] New expat packages fix denial of service
2009-12-15 20:23:03
[SECURITY] [DSA-1953-2] New expat packages fix regression
2009-12-31 14:15:48
freebsd
freebsd
expat2 -- buffer over-read and crash
2009-10-05 00:00:00
apr -- multiple vunerabilities
2010-10-02 00:00:00
libwww -- multiple vulnerabilities
2005-10-12 00:00:00
openvas
openvas
FreeBSD Ports: expat2
2009-12-10 00:00:00
SLES9: Security update for expat
2009-12-14 00:00:00
SLES9: Security update for expat
2009-12-14 00:00:00
seebug
seebug
expat big2_toUtf8()函数XMLζ–‡δ»Άθ§£ζžζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-12-24 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:49:03
httpd
httpd
Apache Httpd < 2.0.64 : expat DoS
2009-12-18 00:00:00
Apache Httpd < 2.2.17 : expat DoS
2009-12-18 00:00:00
redhat
redhat
(RHSA-2009:1625) Moderate: expat security update
2009-12-07 00:00:00
(RHSA-2017:3239) Important: Red Hat JBoss Enterprise Application Platform 6.4.18 security update
2017-11-16 19:09:33
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: expat-2.0.1-8.fc10
2009-12-04 23:57:13
[SECURITY] Fedora 12 Update: expat-2.0.1-8.fc12
2009-12-05 00:06:09
[SECURITY] Fedora 11 Update: expat-2.0.1-8.fc11
2009-12-05 00:02:48
oraclelinux
oraclelinux
expat security update
2009-12-07 00:00:00
centos
centos
expat security update
2009-12-07 23:34:29
f5
f5
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
K15905 : Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2015-03-16 00:00:00
ubuntu
ubuntu
Python 2.4 vulnerabilities
2010-01-22 00:00:00
CMake vulnerabilities
2010-04-15 00:00:00
Python 2.5 vulnerabilities
2010-01-21 00:00:00
osv
osv
python - several vulnerabilities
2010-01-25 00:00:00
debiancve
debiancve
CVE-2009-3560
2009-12-04 21:30:00
slackware
slackware
[slackware-security] httpd
2011-02-11 01:17:26
[slackware-security] expat
2011-02-11 01:17:08
prion
prion
Buffer overflow
2009-12-04 21:30:00
ubuntucve
ubuntucve
CVE-2009-3560
2009-12-04 00:00:00
cve
cve
CVE-2009-3560
2009-12-04 21:30:00
gentoo
gentoo
Expat: Multiple vulnerabilities
2012-09-24 00:00:00
kaspersky
kaspersky
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
apple
apple
About the security content of iTunes 12.6 - Apple Support
2017-03-22 07:40:40
About the security content of iTunes 12.6
2017-03-21 00:00:00
About the security content of iTunes 12.6 for Windows
2017-03-21 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON
Related for OSV:DSA-1953-2
nessus68debian5freebsd3openvas57seebug1veracode1httpd2redhat3fedora3oraclelinux1centos1f52ubuntu6osv1debiancve1slackware2prion1ubuntucve1cve1gentoo1kaspersky1apple4vmware4