Описание
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | expat | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 6 | xulrunner | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Affected | ||
| Red Hat Enterprise Linux 7 | thunderbird | Affected | ||
| Red Hat Enterprise Linux 7 | xulrunner | Will not fix | ||
| Red Hat Enterprise Linux 8 | firefox | Affected | ||
| Red Hat Enterprise Linux 8 | thunderbird | Affected | ||
| Red Hat Enterprise Linux 9 | firefox | Not affected |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an in ...
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
8.8 High
CVSS3