CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
96.2%
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
Debian | 11 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
Debian | 999 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
Debian | 13 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
Debian | 12 | all | cadaver | <= 0.24+dfsg-1 | cadaver_0.24+dfsg-1_all.deb |
Debian | 11 | all | cadaver | <= 0.23.3-2.1 | cadaver_0.23.3-2.1_all.deb |
Debian | 999 | all | cadaver | <= 0.24+dfsg-4 | cadaver_0.24+dfsg-4_all.deb |
Debian | 13 | all | cadaver | <= 0.24+dfsg-4 | cadaver_0.24+dfsg-4_all.deb |
Debian | 12 | all | cmake | < 2.6.0-6 | cmake_2.6.0-6_all.deb |
Debian | 11 | all | cmake | < 2.6.0-6 | cmake_2.6.0-6_all.deb |