The XML parser (xmlparse.c) in expat prior to 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libexpat project libexpat |
||
python python |
||
debian debian linux 7.0 |
||
debian debian linux 6.0 |
||
canonical ubuntu linux 11.04 |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |
||
oracle solaris 11.3 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux server aus 6.2 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat storage 2.0 |
||
redhat enterprise linux eus 6.2 |