Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-4482

Опубликовано: 08 окт. 2008
Источник: nvd
CVSS2: 7.8
EPSS Низкий

Описание

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:xerces-c\+\+:*:*:*:*:*:*:*:*
Версия до 2.8.0 (включая)
cpe:2.3:a:apache:xerces-c\+\+:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:xerces-c\+\+:2.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 83%
0.01995
Низкий

7.8 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2008-4482

ubuntu
больше 17 лет назад

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.

debian логотип

CVE-2008-4482

debian
больше 17 лет назад

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent att ...

github логотип

GHSA-37q4-89pv-rvxq

github
почти 4 года назад

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.

EPSS

Процентиль: 83%
0.01995
Низкий

7.8 High

CVSS2

Дефекты

CWE-20