CVE-2009-3560: Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Libexpat

Severity: 5.0 MEDIUM (NVD)
EPSS: 3.0% (top 13.40%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Dec 4
Latest update: May 2

Description

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (7 packages)

NVD | apache/http_server | 2.0.35 | 2.0.64 | +1
Debian | mcabber/mcabber | < 0.10.0-1 | +3
Debian | simgear/simgear | < 2.10.0-1 | +3
Debian | pocoproject/poco | < 1.3.6p1-1 | +3

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-pcgv-8c5g-4m8p: The big2_toUtf8 function in lib/xmltok (2022-05-02)
OSV: CVE-2009-3560: The big2_toUtf8 function in lib/xmltok (2009-12-04)
CVEList: CVE-2009-3560: The big2_toUtf8 function in lib/xmltok (2009-12-04)

📋 Vendor Advisories (10)

Apple: CVE-2009-3560: iTunes 12.6 (2017-03-21)
Apple: CVE-2009-3560: iTunes 12.6 for Windows (2017-03-21)
Ubuntu: CMake vulnerabilities (2010-04-15)
Ubuntu: XML-RPC for C and C++ vulnerabilities (2010-02-18)
Ubuntu: PyXML vulnerabilities (2010-01-26)

💬 Community (1)

Bugzilla: CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences (2009-11-05)
CVE-2009-3560 — Libexpat Project Libexpat vulnerability | cvebase