Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2009-3720

Опубликовано: 03 нояб. 2009
Источник: debian
EPSS Низкий

Описание

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
expatfixed2.0.1-5package
libxmltokremovedpackage
libxmltokignoredbookwormpackage
mcabberfixed0.10.0-1package
mcabberno-dsalennypackage
w3c-libwwwremovedpackage
w3c-libwwwno-dsaetchpackage
python-xmlremovedpackage
python-xmlno-dsaetchpackage
python-xmlfixed0.8.4-10.1+lenny1lennypackage
python2.5fixed2.5.4-3.1package
python2.4fixed2.4.4-3etch3package
python-4suitefixed1.0.2-7.2package
python-4suiteno-dsaetchpackage
python-4suiteno-dsalennypackage
wxwindows2.4removedpackage
wxwidgets2.6fixed2.6.3.2.2-4package
wxwidgets2.8fixed2.8.10.1-2package
audacityfixed1.3.2-1package
matanzaunfixedpackage
tdomfixed0.8.3~20080525-1package
tdomno-dsaetchpackage
udunitsfixed2.1.8-4package
ayttmfixed0.6.1-2package
ayttmno-dsaetchpackage
ayttmno-dsalennypackage
cableswigremovedpackage
cadaverunfixedpackage
centerimfixed4.22.10-1package
centerimno-dsalennypackage
cmakefixed2.6.0-6package
coin3unfixedpackage
gdcmfixed2.0.14-2package
ghostscriptfixed8.71~dfsg-2package
gs-gplremovedpackage
grmonitorremovedpackage
iceaperemovedpackage
insighttoolkitfixed3.16.0-1package
paraviewfixed3.6.2-1package
pocofixed1.3.6p1-1package
simgearfixed2.10.0-1package
smartfixed1.2-5package
smartno-dsaetchpackage
smartno-dsalennypackage
tlafixed1.3.5+dfsg-15package
tlafixed1.3.5+dfsg-14+lenny1lennypackage
xmlrpc-cfixed1.06.27-1.1package
xmlrpc-cno-dsaetchpackage
xmlrpc-cno-dsalennypackage
iceweaselnot-affectedpackage
kompozerfixed1:0.8~b1-2package
vxlfixed1.13.0-2package
xulrunnerunfixedpackage
texlive-binnot-affectedpackage
vnc4not-affectedpackage
xotclfixed1.6.5-1.2package
xotclno-dsalennypackage

EPSS

Процентиль: 72%
0.00762
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2009-3720

ubuntu
больше 15 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

redhat логотип

CVE-2009-3720

redhat
больше 16 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

nvd логотип

CVE-2009-3720

nvd
больше 15 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

github логотип

GHSA-pj3x-74qr-vrr4

github
около 3 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

oracle-oval логотип

ELSA-2010-0002

oracle-oval
больше 15 лет назад

ELSA-2010-0002: PyXML security update (MODERATE)

EPSS

Процентиль: 72%
0.00762
Низкий