Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-3720HistoryNov 03, 2009 - 4:30 p.m.
CVE-2009-3720
2009-11-0316:30:12
Debian Security Bug Tracker
security-tracker.debian.org
31
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.172
Percentile
96.2%
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
| Debian | 11 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
| Debian | 999 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
| Debian | 13 | all | audacity | < 1.3.2-1 | audacity_1.3.2-1_all.deb |
| Debian | 12 | all | cadaver | <= 0.24+dfsg-1 | cadaver_0.24+dfsg-1_all.deb |
| Debian | 11 | all | cadaver | <= 0.23.3-2.1 | cadaver_0.23.3-2.1_all.deb |
| Debian | 999 | all | cadaver | <= 0.24+dfsg-4 | cadaver_0.24+dfsg-4_all.deb |
| Debian | 13 | all | cadaver | <= 0.24+dfsg-4 | cadaver_0.24+dfsg-4_all.deb |
| Debian | 12 | all | cmake | < 2.6.0-6 | cmake_2.6.0-6_all.deb |
| Debian | 11 | all | cmake | < 2.6.0-6 | cmake_2.6.0-6_all.deb |
Related
openvas
openvas
Mandriva Update for davfs MDVSA-2009:220-1 (davfs)
2010-01-15 00:00:00
Mandriva Security Advisory MDVSA-2009:211-1 (expat)
2009-12-10 00:00:00
Mandriva Security Advisory MDVSA-2009:215-1 (audacity)
2009-12-10 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : python (MDVSA-2009:212-1)
2009-08-24 00:00:00
Mandriva Linux Security Advisory : python-celementtree (MDVSA-2009:214)
2009-08-24 00:00:00
Mandriva Linux Security Advisory : wxgtk (MDVSA-2009:213-1)
2009-08-24 00:00:00
ubuntucve
ubuntucve
prion
prion
Buffer overflow
2009-11-03 16:30:00
Buffer overflow
2009-12-04 21:30:00
cvelist
cvelist
CVE-2009-3720
2009-11-03 16:00:00
CVE-2009-3560
2009-12-04 21:00:00
cve
cve
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
nvd
nvd
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
ubuntu
ubuntu
XML-RPC for C and C++ vulnerabilities
2010-02-18 00:00:00
Python 2.5 vulnerabilities
2010-01-21 00:00:00
CMake vulnerabilities
2010-04-15 00:00:00
debiancve
debiancve
CVE-2009-3560
2009-12-04 21:30:00
f5
f5
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
K15905 : Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2015-03-16 00:00:00
slackware
slackware
[slackware-security] expat
2011-02-11 01:17:08
freebsd
freebsd
libwww -- multiple vulnerabilities
2005-10-12 00:00:00
expat2 -- Parser crash with specially formatted UTF-8 sequences
2009-01-17 00:00:00
redhat
redhat
(RHSA-2010:0002) Moderate: PyXML security update
2010-01-04 00:00:00
(RHSA-2009:1572) Moderate: 4Suite security update
2009-11-10 00:00:00
centos
centos
PyXML security update
2010-01-04 23:32:13
4Suite security update
2009-11-10 21:28:54
fedora
fedora
[SECURITY] Fedora 15 Update: SimGear-2.0.0-5.fc15
2011-04-26 16:26:08
[SECURITY] Fedora 14 Update: SimGear-2.0.0-5.fc14
2011-04-29 22:18:43
[SECURITY] Fedora 13 Update: udunits2-2.1.19-1.fc13
2010-11-24 22:43:59
httpd
httpd
Apache Httpd < 2.0.64 : expat DoS
2009-08-21 00:00:00
Apache Httpd < 2.2.17 : expat DoS
2009-08-21 00:00:00
oraclelinux
oraclelinux
PyXML security update
2010-01-04 00:00:00
4Suite security update
2009-11-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:55:28
altlinux
altlinux
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt1
2010-11-24 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.172
Percentile
96.2%
Related for DEBIANCVE:CVE-2009-3720