5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.017 Low
EPSS
Percentile
86.2%
The 4Suite package contains XML-related tools and libraries for Python,
including 4DOM, 4XSLT, 4XPath, 4RDF, and 4XPointer.
A buffer over-read flaw was found in the way 4Suite’s XML parser handles
malformed UTF-8 sequences when processing XML files. A specially-crafted
XML file could cause applications using the 4Suite library to crash while
parsing the file. (CVE-2009-3720)
Note: In Red Hat Enterprise Linux 3, this flaw only affects a non-default
configuration of the 4Suite package: configurations where the beta version
of the cDomlette module is enabled.
All 4Suite users should upgrade to this updated package, which contains a
backported patch to correct this issue. After installing the updated
package, applications using the 4Suite XML-related tools and libraries must
be restarted for the update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ia64 | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.ia64.rpm |
RedHat | 4 | s390 | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.s390.rpm |
RedHat | 4 | s390x | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.s390x.rpm |
RedHat | 4 | src | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.src.rpm |
RedHat | 4 | x86_64 | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.x86_64.rpm |
RedHat | 4 | i386 | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.i386.rpm |
RedHat | 4 | ppc | 4suite | < 1.0-3.el4_8.1 | 4Suite-1.0-3.el4_8.1.ppc.rpm |