Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-1885

Опубликовано: 11 авг. 2009
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

РелизСтатусПримечание
dapper

DNE

devel

not-affected

2.8.0+deb1-2build1
hardy

DNE

intrepid

ignored

end of life, was needed
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

not-affected

2.8.0+deb1-2build1
maverick

not-affected

2.8.0+deb1-2build1
natty

not-affected

2.8.0+deb1-2build1
upstream

needs-triage

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-1885

redhat
больше 16 лет назад

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

nvd логотип

CVE-2009-1885

nvd
больше 16 лет назад

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

debian логотип

CVE-2009-1885

debian
больше 16 лет назад

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Ap ...

github логотип

GHSA-m76p-wpqx-3m7x

github
почти 4 года назад

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.

4.3 Medium

CVSS2