CVE-2009-3560

Published: Dec 4, 2009Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.

Affected (3)

Products: Libexpat Project: Libexpat · Apache: Http Server

1 product

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Libexpat Project Libexpat	Version 2.0.1

Running on/with	Platform Versions
Xmltwig Xml Twig For Perl	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Apache Http Server	From 2.0.35 to 2.0.64
Apache Http Server	From 2.2.0 to 2.2.17

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (116)

http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165

Source: secalert@redhat.com

Permissions Required

http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.165

Source: secalert@redhat.com

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Source: secalert@redhat.com

Broken Link

http://mail.python.org/pipermail/expat-bugs/2009-November/002846.html

Source: secalert@redhat.com

Exploit

http://marc.info/?l=bugtraq&m=130168502603566&w=2

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/37537

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38231

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38794

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38832

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38834

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/39478

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/41701

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/43300

Source: secalert@redhat.com

Broken Link

http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.debian.org/security/2009/dsa-1953

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2009:316

Source: secalert@redhat.com

Broken Link

http://www.redhat.com/support/errata/RHSA-2011-0896.html

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/bid/37203

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1023278

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-890-1

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-890-6

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2010/0528

Source: secalert@redhat.com

Broken Link

http://www.vupen.com/english/advisories/2010/0896

Source: secalert@redhat.com

Broken Link

http://www.vupen.com/english/advisories/2010/1107

Source: secalert@redhat.com

Broken Link

http://www.vupen.com/english/advisories/2011/0359

Source: secalert@redhat.com

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=533174

Source: secalert@redhat.com

Issue TrackingPatch

https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10613

Source: secalert@redhat.com

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12942

Source: secalert@redhat.com

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6883

Source: secalert@redhat.com

Broken Link

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00394.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.165