Denial of service vulnerability in Expat XML parser by Expat
CVE-2012-0876

Currently unrated

Key Information:

Vendor

Libexpat Project

Status
Libexpat
Vendor
CVE Published:
3 July 2012

What is CVE-2012-0876?

The Expat XML parser is vulnerable to a denial of service attack due to the way it computes hash values in XML documents. Attackers can exploit this weakness by crafting XML files that contain multiple identifiers with identical values. This can lead to predictable hash collisions, resulting in high CPU consumption and potential service interruptions. Users of Expat should upgrade to version 2.1.0 or later to mitigate this risk and enhance their security posture.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/49504
third-party-advisoryx_refsource_SECUNIA
http://sourceforge.net/tracker/?func=detail&atid=110127&a...
x_refsource_CONFIRM
https://www.tenable.com/security/tns-2016-20
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.