Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-1148

Опубликовано: 03 мар. 2012
Источник: redhat
CVSS3: 7.5
CVSS2: 5

Описание

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Certificate System 7.3expatWill not fix
Red Hat Directory Server 8expatAffected
Red Hat Enterprise Linux 4expatWill not fix
Red Hat Enterprise Linux 5xmlrpc-cWill not fix
Red Hat Enterprise Linux 6compat-expat1Will not fix
Red Hat Enterprise Linux 6mingw32-expatWill not fix
Red Hat JBoss Core ServicesexpatAffected
Red Hat JBoss Enterprise Application Platform 6expatAffected
Red Hat JBoss Enterprise Web Server 2expatAffected
Red Hat JBoss Enterprise Web Server 3expatFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-401
https://bugzilla.redhat.com/show_bug.cgi?id=801648expat: Memory leak in poolGrow

7.5 High

CVSS3

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-1148

ubuntu
почти 13 лет назад

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

nvd логотип

CVE-2012-1148

nvd
почти 13 лет назад

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

debian логотип

CVE-2012-1148

debian
почти 13 лет назад

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat ...

github логотип

GHSA-hm5h-j86h-82pc

github
около 3 лет назад

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

oracle-oval логотип

ELSA-2012-0731

oracle-oval
около 13 лет назад

ELSA-2012-0731: expat security update (MODERATE)

7.5 High

CVSS3

5 Medium

CVSS2