Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-3720
Description:The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
Test IDs: 1.3.6.1.4.1.25623.1.0.66199   1.3.6.1.4.1.25623.1.0.66678   1.3.6.1.4.1.25623.1.0.66309   1.3.6.1.4.1.25623.1.0.66687   1.3.6.1.4.1.25623.1.0.68625   1.3.6.1.4.1.25623.1.0.66447   1.3.6.1.4.1.25623.1.0.66627   1.3.6.1.4.1.25623.1.0.66190   1.3.6.1.4.1.25623.1.0.66195   1.3.6.1.4.1.25623.1.0.68152   1.3.6.1.4.1.25623.1.0.66465   1.3.6.1.4.1.25623.1.0.66311   1.3.6.1.4.1.25623.1.0.68622   1.3.6.1.4.1.25623.1.0.66698   1.3.6.1.4.1.25623.1.0.66189   1.3.6.1.4.1.25623.1.0.66239   1.3.6.1.4.1.25623.1.0.66448   1.3.6.1.4.1.25623.1.0.68615   1.3.6.1.4.1.25623.1.0.66697   1.3.6.1.4.1.25623.1.0.66314   1.3.6.1.4.1.25623.1.0.66198   1.3.6.1.4.1.25623.1.0.66646   1.3.6.1.4.1.25623.1.0.66193   1.3.6.1.4.1.25623.1.0.66446   1.3.6.1.4.1.25623.1.0.68623   1.3.6.1.4.1.25623.1.0.68611   1.3.6.1.4.1.25623.1.0.66273   1.3.6.1.4.1.25623.1.0.69281   1.3.6.1.4.1.25623.1.0.69279   1.3.6.1.4.1.25623.1.0.69448   1.3.6.1.4.1.25623.1.0.69538   1.3.6.1.4.1.25623.1.0.69446   1.3.6.1.4.1.25623.1.0.69533   1.3.6.1.4.1.25623.1.0.122405   1.3.6.1.4.1.25623.1.0.122412   1.3.6.1.4.1.25623.1.0.881282   1.3.6.1.4.1.25623.1.0.863062   1.3.6.1.4.1.25623.1.0.862919   1.3.6.1.4.1.25623.1.0.862928   1.3.6.1.4.1.25623.1.0.863066   1.3.6.1.4.1.25623.1.0.880500   1.3.6.1.4.1.25623.1.0.880556   1.3.6.1.4.1.25623.1.0.870428   1.3.6.1.4.1.25623.1.0.880625   1.3.6.1.4.1.25623.1.0.880719   1.3.6.1.4.1.25623.1.0.870430   1.3.6.1.4.1.25623.1.0.880742   1.3.6.1.4.1.25623.1.0.881427  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-3720
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html
HPdes Security Advisory: HPSBUX02645
http://marc.info/?l=bugtraq&m=130168502603566&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2009:211
http://www.mandriva.com/security/advisories?name=MDVSA-2009:212
http://www.mandriva.com/security/advisories?name=MDVSA-2009:215
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
http://www.mandriva.com/security/advisories?name=MDVSA-2009:217
http://www.mandriva.com/security/advisories?name=MDVSA-2009:218
http://www.mandriva.com/security/advisories?name=MDVSA-2009:219
http://www.mandriva.com/security/advisories?name=MDVSA-2009:220
http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127
http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
http://www.openwall.com/lists/oss-security/2009/08/21/2
http://www.openwall.com/lists/oss-security/2009/08/26/4
http://www.openwall.com/lists/oss-security/2009/08/26/3
http://www.openwall.com/lists/oss-security/2009/08/27/6
http://www.openwall.com/lists/oss-security/2009/09/06/1
http://www.openwall.com/lists/oss-security/2009/10/23/2
http://www.openwall.com/lists/oss-security/2009/10/22/9
http://www.openwall.com/lists/oss-security/2009/10/22/5
http://www.openwall.com/lists/oss-security/2009/10/23/6
http://www.openwall.com/lists/oss-security/2009/10/26/3
http://www.openwall.com/lists/oss-security/2009/10/28/3
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11019
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7112
RedHat Security Advisories: RHSA-2010:0002
http://www.redhat.com/support/errata/RHSA-2010-0002.html
RedHat Security Advisories: RHSA-2011:0896
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.securitytracker.com/id?1023160
http://secunia.com/advisories/37324
http://secunia.com/advisories/37537
http://secunia.com/advisories/37925
http://secunia.com/advisories/38050
http://secunia.com/advisories/38231
http://secunia.com/advisories/38794
http://secunia.com/advisories/38832
http://secunia.com/advisories/38834
http://secunia.com/advisories/39478
http://secunia.com/advisories/41701
http://secunia.com/advisories/42326
http://secunia.com/advisories/42338
http://secunia.com/advisories/43300
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1
SuSE Security Announcement: SUSE-SR:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
SuSE Security Announcement: SUSE-SR:2010:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.ubuntu.com/usn/USN-890-1
http://www.ubuntu.com/usn/USN-890-6
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2010/0896
http://www.vupen.com/english/advisories/2010/1107
http://www.vupen.com/english/advisories/2010/3035
http://www.vupen.com/english/advisories/2010/3053
http://www.vupen.com/english/advisories/2010/3061
http://www.vupen.com/english/advisories/2011/0359




© 1998-2024 E-Soft Inc. All rights reserved.