FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-3720

This CVE name corresponds to:

Entered Topic
2010-10-06 apr -- multiple vunerabilities
2009-12-08 expat2 -- Parser crash with specially formatted UTF-8 sequences

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2009-3720 at cve.mitre.org

Details

Type Candidate
Name CVE-2009-3720
Phase Assigned(20091016)

Description

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

References

Source Reference
MLIST [expat-bugs] 20090117 [ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences
MLIST [oss-security] 20090821 expat bug 1990430
MLIST [oss-security] 20090826 Re: Re: expat bug 1990430
MLIST [oss-security] 20090826 Re: expat bug 1990430
MLIST [oss-security] 20090827 Re: Re: expat bug 1990430
MLIST [oss-security] 20090906 Re: Re: expat bug 1990430
MLIST [oss-security] 20091022 Re: Re: Regarding expat bug 1990430
MLIST [oss-security] 20091022 Re: Regarding expat bug 1990430
MLIST [oss-security] 20091022 Regarding expat bug 1990430
MLIST [oss-security] 20091023 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]
MLIST [oss-security] 20091026 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]
MLIST [oss-security] 20091028 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]
MLIST [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
MISC http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127
CONFIRM http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch
CONFIRM http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log
CONFIRM http://svn.python.org/view?view=rev&revision=74429
CONFIRM https://bugs.gentoo.org/show_bug.cgi?id=280615
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=531697
FEDORA FEDORA-2009-12690
FEDORA FEDORA-2009-12737
FEDORA FEDORA-2009-12753
FEDORA FEDORA-2010-17720
FEDORA FEDORA-2010-17732
FEDORA FEDORA-2010-17762
FEDORA FEDORA-2010-17807
FEDORA FEDORA-2010-17819
MANDRIVA MDVSA-2009:211
MANDRIVA MDVSA-2009:212
MANDRIVA MDVSA-2009:215
MANDRIVA MDVSA-2009:216
MANDRIVA MDVSA-2009:217
MANDRIVA MDVSA-2009:218
MANDRIVA MDVSA-2009:220
MANDRIVA MDVSA-2009:219
REDHAT RHSA-2010:0002
REDHAT RHSA-2011:0896
SLACKWARE SSA:2011-041-02
SUNALERT 273630
SUSE SUSE-SR:2009:018
SUSE SUSE-SR:2010:011
SUSE SUSE-SR:2010:012
SUSE SUSE-SR:2010:013
SUSE SUSE-SR:2010:014
UBUNTU USN-890-1
UBUNTU USN-890-6
OVAL oval:org.mitre.oval:def:11019
OVAL oval:org.mitre.oval:def:7112
OVAL oval:org.mitre.oval:def:12719
SECTRACK 1023160
SECUNIA 37324
SECUNIA 37537
SECUNIA 37925
SECUNIA 38231
SECUNIA 38794
SECUNIA 38832
SECUNIA 38834
SECUNIA 39478
SECUNIA 38050
SECUNIA 41701
SECUNIA 43300
SECUNIA 42326
SECUNIA 42338
VUPEN ADV-2010-0528
VUPEN ADV-2010-0896
VUPEN ADV-2010-1107
VUPEN ADV-2011-0359
VUPEN ADV-2010-3035
VUPEN ADV-2010-3053
VUPEN ADV-2010-3061

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.