Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-2625 CVE-2009-3720 CVE-2009-3560

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake.

Original advisory details:

Source

15 April 2010

cmake vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04 LTS

Software Description

cmake

Details

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake.

Original advisory details:

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)

It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. (CVE-2009-3560)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04: cmake - 2.6.2-1ubuntu1.1
Ubuntu 8.10: cmake - 2.6.0-4ubuntu2.1
Ubuntu 8.04 LTS: cmake - 2.4.7-1ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

cmake vulnerabilities

cmake vulnerabilities

Software Description

Details

Update instructions

References

Vulmon Search

About

Products

Connect