CVE-2012-1148

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

References

http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167

http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html

http://rhn.redhat.com/errata/RHSA-2012-0731.html

http://rhn.redhat.com/errata/RHSA-2016-0062.html

http://rhn.redhat.com/errata/RHSA-2016-2957.html

http://secunia.com/advisories/49504

http://secunia.com/advisories/51024

http://secunia.com/advisories/51040

http://sourceforge.net/projects/expat/files/expat/2.1.0/

http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2958794&group_id=10127

http://www.debian.org/security/2012/dsa-2525

http://www.mandriva.com/security/advisories?name=MDVSA-2012:041

http://www.securityfocus.com/bid/52379

http://www.securitytracker.com/id/1034344

http://www.ubuntu.com/usn/USN-1527-1

http://www.ubuntu.com/usn/USN-1613-1

http://www.ubuntu.com/usn/USN-1613-2

https://support.apple.com/HT205637

Details

Source: MITRE

Published: 2012-07-03

Updated: 2021-01-25

Type: CWE-399

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libexpat_project:libexpat:1.95.1:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.2:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.4:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.5:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.6:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.7:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:1.95.8:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:* versions up to 2.0.1 (inclusive)

Configuration 2

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.11.1 (inclusive)

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
145061IBM HTTP Server 7.0.0.0 <= 7.0.0.41 / 8.0.0.0 < 8.0.0.13 / 8.5.0.0 < 8.5.5.11 / 9.0.0.0 < 9.0.0.2 Multiple Vulnerabilities (548231)NessusWeb Servers
critical
100027Apple iTunes < 12.6 Multiple Vulnerabilities (macOS) (credentialed check)NessusMacOS X Local Security Checks
critical
100026Apple iTunes < 12.6 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
critical
100025Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)NessusWindows
critical
9325Mac OS X 10.11.x < 10.11.2 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
89039VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)NessusMisc.
high
87321Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)NessusMacOS X Local Security Checks
critical
87314Mac OS X 10.11.x < 10.11.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
86013F5 Networks BIG-IP : Expat vulnerabilities (K16949)NessusF5 Networks Local Security Checks
medium
80669Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)NessusSolaris Local Security Checks
medium
69696Amazon Linux AMI : expat (ALAS-2012-89)NessusAmazon Linux Local Security Checks
medium
68543Oracle Linux 5 / 6 : expat (ELSA-2012-0731)NessusOracle Linux Local Security Checks
medium
64127SuSE 11.1 Security Update : expat (SAT Patch Number 6200)NessusSuSE Local Security Checks
medium
62944VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service ConsoleNessusVMware ESX Local Security Checks
high
62620Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)NessusUbuntu Local Security Checks
medium
62619Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)NessusUbuntu Local Security Checks
medium
62287GLSA-201209-06 : Expat: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
62036Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : xmlrpc-c vulnerabilities (USN-1527-2)NessusUbuntu Local Security Checks
medium
61485Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : expat vulnerabilities (USN-1527-1)NessusUbuntu Local Security Checks
medium
61441Debian DSA-2525-1 : expat - several vulnerabilitiesNessusDebian Local Security Checks
medium
61327Scientific Linux Security Update : expat on SL5.x, SL6.x i386/x86_64 (20120613)NessusScientific Linux Local Security Checks
medium
59639SuSE 10 Security Update : expat (ZYPP Patch Number 8015)NessusSuSE Local Security Checks
medium
59491RHEL 5 / 6 : expat (RHSA-2012:0731)NessusRed Hat Local Security Checks
medium
59482CentOS 5 / 6 : expat (CESA-2012:0731)NessusCentOS Local Security Checks
medium
58506Mandriva Linux Security Advisory : expat (MDVSA-2012:041)NessusMandriva Local Security Checks
medium