4 matches found
expat: buffer over-read and crash on XML with malformed UTF-8 sequences
The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...
AZL-43945 CVE-2009-3720 affecting package ogdi 4.1.0-9
The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...
CVE-2009-3720
The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...
CVE-2009-3720
CVE-2009-3720 affects Expat 2.0.1 (libexpat) and its use in Python, PyXML, w3c-libwww, etc. Root cause: in lib/xmltok_impl.c, updatePosition handles crafted UTF-8 sequences, causing a buffer over-read and potential application crash (DoS). Connected documents confirm exploits are not detailed bey...