Lucene search
Ubuntu.comUB:CVE-2009-1885HistoryAug 11, 2009 - 12:00 a.m.
CVE-2009-1885
2009-08-1100:00:00
ubuntu.com
ubuntu.com
12
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
47.9%
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache
Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a
denial of service (application crash) via vectors involving nested
parentheses and invalid byte values in “simply nested DTD structures,” as
demonstrated by the Codenomicon XML fuzzing framework.
Related
openvas
openvas
Fedora Core 11 FEDORA-2009-8332 (xerces-c27)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:223 (xerces-c)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:223 (xerces-c)
2009-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: xerces-c-2.8.0-5.fc11
2009-08-25 04:47:37
[SECURITY] Fedora 10 Update: xerces-c27-2.7.0-8.fc10
2009-08-25 04:25:22
[SECURITY] Fedora 10 Update: xerces-c-2.8.0-5.fc10
2009-08-25 04:40:52
nvd
nvd
CVE-2009-1885
2009-08-11 18:30:00
nessus
nessus
Fedora 11 : xerces-c-2.8.0-5.fc11 (2009-8345)
2009-08-25 00:00:00
openSUSE 10 Security Update : Xerces-c (Xerces-c-6430)
2009-10-06 00:00:00
Mandriva Linux Security Advisory : xerces-c (MDVSA-2009:223-1)
2009-08-31 00:00:00
cve
cve
CVE-2009-1885
2009-08-11 18:30:00
securityvulns
securityvulns
[ MDVSA-2009:223 ] xerces-c
2009-08-31 00:00:00
Apache Xerces C++ library
2009-08-31 00:00:00
debiancve
debiancve
CVE-2009-1885
2009-08-11 18:30:00
prion
prion
Stack overflow
2009-08-11 18:30:00
cvelist
cvelist
CVE-2009-1885
2009-08-11 18:00:00
osv
osv
libxerces-c-3_1-3.1.4-1.3 on GA media
2024-06-15 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
47.9%
Related for UB:CVE-2009-1885