Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-3720

Опубликовано: 03 нояб. 2009
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5

Описание

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

not-affected

code-not-compiled
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

DNE

devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

not-affected

code-not-compiled
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
artful

not-affected

uses system expat
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

ignored

end of life
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

not-affected

0.6.1-2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [0.6.1-2]]
esm-infra/focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
dapper

ignored

end of life
devel

needed

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/jammy

needed

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

not-affected

code-not-compiled
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

ignored

end of life
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [code-not-compiled]]
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
dapper

DNE

devel

needed

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/jammy

needed

Показывать по

РелизСтатусПримечание
artful

released

2.0.1-7ubuntu1
bionic

released

2.0.1-7ubuntu1
cosmic

released

2.0.1-7ubuntu1
dapper

released

1.95.8-3ubuntu0.1
devel

released

2.0.1-7ubuntu1
disco

released

2.0.1-7ubuntu1
eoan

released

2.0.1-7ubuntu1
esm-infra-legacy/trusty

released

2.0.1-7ubuntu1
esm-infra/bionic

released

2.0.1-7ubuntu1
esm-infra/focal

released

2.0.1-7ubuntu1

Показывать по

РелизСтатусПримечание
artful

not-affected

uses system expat
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

DNE

devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

DNE

devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [code-not-compiled]]
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

not-affected

esm-apps/focal

not-affected

esm-apps/jammy

not-affected

esm-apps/noble

not-affected

esm-apps/xenial

not-affected

focal

not-affected

hirsute

ignored

end of life
impish

ignored

end of life

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
dapper

ignored

end of life
devel

ignored

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

ignored

esm-apps/focal

ignored

esm-apps/jammy

ignored

Показывать по

РелизСтатусПримечание
artful

not-affected

3.8.1-1ubuntu1
bionic

not-affected

3.8.1-1ubuntu1
cosmic

not-affected

3.8.1-1ubuntu1
dapper

DNE

devel

not-affected

5.13.2+dfsg-2ubuntu1
disco

not-affected

3.8.1-1ubuntu1
eoan

not-affected

3.8.1-1ubuntu1
esm-apps/bionic

not-affected

3.8.1-1ubuntu1
esm-apps/focal

not-affected

3.8.1-1ubuntu1
esm-apps/jammy

not-affected

3.8.1-1ubuntu1

Показывать по

РелизСтатусПримечание
artful

not-affected

uses system expat
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

DNE

devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

released

0.8.4-1ubuntu3.1
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

released

2.4.3-0ubuntu6.4
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

uses system expat
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

ignored

end of life
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

ignored

end of life
devel

needs-triage

disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

ignored

end of life
devel

DNE

disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-apps/bionic

not-affected

code-not-compiled
esm-apps/xenial

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [code-not-compiled]]

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
dapper

ignored

end of life
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

uses system expat
cosmic

ignored

end of life
dapper

ignored

end of life
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

not-affected

code-not-compiled
bionic

not-affected

code-not-compiled
cosmic

not-affected

code-not-compiled
dapper

DNE

devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [code-not-compiled]]
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

uses system expat
cosmic

ignored

end of life
dapper

ignored

end of life
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

cosmic

not-affected

dapper

ignored

end of life
devel

DNE

disco

not-affected

eoan

not-affected

esm-apps/bionic

not-affected

esm-apps/xenial

not-affected

esm-infra-legacy/trusty

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat
esm-infra/focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

uses system expat
cosmic

not-affected

uses system expat
dapper

ignored

end of life
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [uses system expat]]
esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

released

1.06.27-1ubuntu7
bionic

released

1.06.27-1ubuntu7
cosmic

released

1.06.27-1ubuntu7
dapper

ignored

end of life
devel

released

1.06.27-1ubuntu7
disco

released

1.06.27-1ubuntu7
eoan

released

1.06.27-1ubuntu7
esm-apps/bionic

released

1.06.27-1ubuntu7
esm-apps/focal

released

1.06.27-1ubuntu7
esm-apps/jammy

released

1.06.27-1ubuntu7

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

1.6.5-1.2
cosmic

ignored

end of life
dapper

DNE

devel

not-affected

1.6.5-1.2
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

1.6.5-1.2
esm-apps/focal

not-affected

1.6.5-1.2
esm-apps/jammy

not-affected

1.6.5-1.2

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 86%
0.03012
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-3720

redhat
почти 17 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

nvd логотип

CVE-2009-3720

nvd
около 16 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

debian логотип

CVE-2009-3720

debian
около 16 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...

github логотип

GHSA-pj3x-74qr-vrr4

github
больше 3 лет назад

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

oracle-oval логотип

ELSA-2010-0002

oracle-oval
почти 16 лет назад

ELSA-2010-0002: PyXML security update (MODERATE)

EPSS

Процентиль: 86%
0.03012
Низкий

5 Medium

CVSS2