Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2011/06/22 11:14 p.m.7 views

expat: buffer over-read and crash on XML with malformed UTF-8 sequences

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.8AI score0.27924EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/01/04 5:58 p.m.4 views

expat: buffer over-read and crash on XML with malformed UTF-8 sequences

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.9AI score0.27924EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/11/10 7:46 p.m.3 views

expat: buffer over-read and crash on XML with malformed UTF-8 sequences

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.9AI score0.27924EPSS
Exploits1References4
OSV
OSV
added 2009/11/03 4:30 p.m.9 views

AZL-43945 CVE-2009-3720 affecting package ogdi 4.1.0-9

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.8AI score0.27924EPSS
Exploits1References1
CVE
CVE
added 2009/11/03 4:0 p.m.241 views

CVE-2009-3720

CVE-2009-3720 affects Expat 2.0.1 (libexpat) and its use in Python, PyXML, w3c-libwww, etc. Root cause: in lib/xmltok_impl.c, updatePosition handles crafted UTF-8 sequences, causing a buffer over-read and potential application crash (DoS). Connected documents confirm exploits are not detailed bey...

5CVSS7AI score0.27924EPSS
Exploits1References93Affected Software1
Cvelist
Cvelist
added 2009/11/03 4:0 p.m.45 views

CVE-2009-3720

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

7AI score0.27924EPSS
Exploits1References93
OSV
OSV
added 2009/11/03 12:0 a.m.4 views

UBUNTU-CVE-2009-3720

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.9AI score0.27924EPSS
Exploits1References8
FreeBSD
FreeBSD
added 2009/01/17 12:0 a.m.33 views

expat2 -- Parser crash with specially formatted UTF-8 sequences

CVE reports: The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buff...

5CVSS7.6AI score0.27924EPSS
Exploits1
FreeBSD
FreeBSD
added 2005/10/12 12:0 a.m.37 views

libwww -- multiple vulnerabilities

Mitre reports: The HTBoundaryputblock function in HTBound.c for W3C libwww w3c-libwww allows remote servers to cause a denial of service segmentation fault via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. The big2toUtf8 function in lib/xmltok.c in libexpat in...

5CVSS6.7AI score0.27924EPSS
Exploits4References1
Rows per page
Query Builder