CVE-2012-0876

MEDIUM

Description

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.

References

http://bugs.python.org/issue13703#msg151870

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html

http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html

http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html

http://rhn.redhat.com/errata/RHSA-2012-0731.html

http://rhn.redhat.com/errata/RHSA-2016-0062.html

http://rhn.redhat.com/errata/RHSA-2016-2957.html

http://secunia.com/advisories/49504

http://secunia.com/advisories/51024

http://secunia.com/advisories/51040

http://sourceforge.net/projects/expat/files/expat/2.1.0/

http://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127

http://www.debian.org/security/2012/dsa-2525

http://www.mandriva.com/security/advisories?name=MDVSA-2012:041

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

http://www.securityfocus.com/bid/52379

http://www.ubuntu.com/usn/USN-1527-1

http://www.ubuntu.com/usn/USN-1613-1

http://www.ubuntu.com/usn/USN-1613-2

https://support.apple.com/HT205637

https://www.tenable.com/security/tns-2016-20

Details

Source: MITRE

Published: 2012-07-03

Updated: 2018-01-05

Type: CWE-399

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:libexpat:expat:1.95.1:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.2:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.4:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.5:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.6:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.7:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:1.95.8:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:libexpat:expat:*:*:*:*:*:*:*:* versions up to 2.0.1 (inclusive)

Tenable Plugins

View all (35 total)

ID	Name	Product	Family	Severity
109594	FreeBSD : python 2.7 -- multiple vulnerabilities (8719b935-8bae-41ad-92ba-3c826f651219)	Nessus	FreeBSD Local Security Checks	high
109583	Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)	Nessus	Slackware Local Security Checks	high
103796	FreeBSD : Python 2.7 -- multiple vulnerabilities (9164f51e-ae20-11e7-a633-009c02a2ab30)	Nessus	FreeBSD Local Security Checks	high
97280	openSUSE Security Update : expat (openSUSE-2017-260)	Nessus	SuSE Local Security Checks	high
97080	SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2017:0424-1)	Nessus	SuSE Local Security Checks	high
97065	SUSE SLES11 Security Update : expat (SUSE-SU-2017:0415-1)	Nessus	SuSE Local Security Checks	high
96337	Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32)	Nessus	Misc.	critical
94301	F5 Networks BIG-IP : Expat XML library vulnerability (K70938105)	Nessus	F5 Networks Local Security Checks	high
9325	Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	high
89039	VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)	Nessus	Misc.	high
87321	Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)	Nessus	MacOS X Local Security Checks	critical
87314	Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
86013	F5 Networks BIG-IP : Expat vulnerabilities (K16949)	Nessus	F5 Networks Local Security Checks	medium
80749	Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)	Nessus	Solaris Local Security Checks	medium
80669	Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)	Nessus	Solaris Local Security Checks	medium
79862	ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST)	Nessus	Misc.	medium
70561	Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)	Nessus	MacOS X Local Security Checks	high
69696	Amazon Linux AMI : expat (ALAS-2012-89)	Nessus	Amazon Linux Local Security Checks	medium
68543	Oracle Linux 5 / 6 : expat (ELSA-2012-0731)	Nessus	Oracle Linux Local Security Checks	medium
64127	SuSE 11.1 Security Update : expat (SAT Patch Number 6200)	Nessus	SuSE Local Security Checks	medium
62944	VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console	Nessus	VMware ESX Local Security Checks	high
62620	Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)	Nessus	Ubuntu Local Security Checks	medium
62619	Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)	Nessus	Ubuntu Local Security Checks	medium
62287	GLSA-201209-06 : Expat: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
62036	Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)	Nessus	Ubuntu Local Security Checks	medium
61956	Mandriva Linux Security Advisory : python (MDVSA-2012:097)	Nessus	Mandriva Local Security Checks	medium
61485	Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : expat vulnerabilities (USN-1527-1)	Nessus	Ubuntu Local Security Checks	medium
61441	Debian DSA-2525-1 : expat - several vulnerabilities	Nessus	Debian Local Security Checks	medium
61327	Scientific Linux Security Update : expat on SL5.x, SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
59639	SuSE 10 Security Update : expat (ZYPP Patch Number 8015)	Nessus	SuSE Local Security Checks	medium
59635	Mandriva Linux Security Advisory : python (MDVSA-2012:096)	Nessus	Mandriva Local Security Checks	medium
59491	RHEL 5 / 6 : expat (RHSA-2012:0731)	Nessus	Red Hat Local Security Checks	medium
59482	CentOS 5 / 6 : expat (CESA-2012:0731)	Nessus	CentOS Local Security Checks	medium
58924	Fedora 16 : expat-2.1.0-1.fc16 (2012-5058)	Nessus	Fedora Local Security Checks	medium
58506	Mandriva Linux Security Advisory : expat (MDVSA-2012:041)	Nessus	Mandriva Local Security Checks	medium