CVE-2008-4482
published 2008-10-08CVE-2008-4482: The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema…
high7.8CVSS 3.1
AVNACLAuNCNINAC
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | xerces-c | <= 2.8.0 | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |
| apache | xerces-c | — | — |