Oracle Solaris Third-Party Patch Update : libexpat (multiple_resource_management_error_vulnerabilities)
Medium Nessus Plugin ID 80669
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. (CVE-2012-0876)
- Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. (CVE-2012-1148)
SolutionUpgrade to Solaris 11/11 SRU 11.4.