This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
CVE-2009-3720 expat: buffer over-read and crash on XML with malformed
CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on
XML with malformed UTF-8 sequences
Two buffer over-read flaws were found in the way Expat handled
malformed UTF-8 sequences when processing XML files. A
specially-crafted XML file could cause applications using Expat to
crash while parsing the file. (CVE-2009-3560, CVE-2009-3720)
After installing the updated packages, applications using the Expat
library must be restarted for the update to take effect.
See also :
Update the affected expat and / or expat-devel packages.
Risk factor :
Medium / CVSS Base Score : 5.0