CVE-2012-1148

Published: 03/07/2012 Updated: 25/01/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat prior to 2.1.0 allows context-dependent malicious users to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

Vulnerable Product

libexpat project libexpat 2.0.0

libexpat project libexpat 1.95.8

libexpat project libexpat

libexpat project libexpat 1.95.5

libexpat project libexpat 1.95.4

libexpat project libexpat 1.95.7

libexpat project libexpat 1.95.6

libexpat project libexpat 1.95.2

libexpat project libexpat 1.95.1

apple mac os x

Vendor Advisories

Debian Bug report logs - #663579 Three security issues Package: libexpat1; Maintainer for libexpat1 is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Source for libexpat1 is src:expat (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de> Date: Mon, 12 Mar 2012 13:51:11 UTC Severity: grave Tag ...
Synopsis Moderate: expat security update Type/Severity Security Advisory: Moderate Topic Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services httpd 2.4.23 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systems. Red Hat Product Security has rated this release as ...
It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling. For the stable distribution (squeeze), this problem has been fixed in version 2.0.1-7+squeeze1. For the testing distribution (wheezy), this problem has been fixed in version 2.1.0~beta3-1. For the un ...
Expat could be made to cause a denial of service by consuming excessive CPU and memory resources ...
XML-RPC for C and C++ could be made to cause a denial of service by consuming excessive CPU and memory resources ...
Several security issues were fixed in Python 2.4 ...
Several security issues were fixed in Python 2.5 ...
A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash funct ...