Computer Security
[EN] securityvulns.ru
no-pyccku

  

CVECVE-2009-2625
StatusUNKNOWN
DescriptionXMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Severity
Medium
CVSS score5
CVSS vector(AV:N/AC:L/Au:N/C:N/I:N/A:P)
PhaseASSIGNED (05.05.2014)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2625
ReferencesMLIST : [oss-security] 20090906 Re: Re: expat bug 1990430
 MLIST : [oss-security] 20091022 Re: Regarding expat bug 1990430
 MLIST : [oss-security] 20091023 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]
 MLIST : [oss-security] 20091026 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]
 SUNALERT : 1021506
 SECTRACK : 1022680
 BUGTRAQ : 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
 SUNALERT : 263489
 SUNALERT : 272209
 BID : 35958
 SECUNIA : 36162
 SECUNIA : 36176
 SECUNIA : 36180
 SECUNIA : 36199
 SECUNIA : 37300
 SECUNIA : 37460
 SECUNIA : 37671
 SECUNIA : 37754
 SECUNIA : 38231
 SECUNIA : 38342
 SECUNIA : 43300
 VUPEN : ADV-2009-2543
 VUPEN : ADV-2009-3316
 VUPEN : ADV-2011-0359
 APPLE : APPLE-SA-2009-09-03-1
 DEBIAN : DSA-1984
 FEDORA : FEDORA-2009-8329
 FEDORA : FEDORA-2009-8337
 HP : HPSBUX02476
 HP : HPSBUX02476
 CONFIRM : http://sunsolve.sun.com/search/document.do?assetke...
 CONFIRM : http://svn.apache.org/viewvc/xerces/java/trunk/src...
 MISC : http://www.cert.fi/en/reports/2009/vulnerability20...
 MISC : http://www.codenomicon.com/labs/xml/
 MISC : http://www.networkworld.com/columnists/2009/080509...
 CONFIRM : http://www.oracle.com/technology/deploy/security/c...
 CONFIRM : http://www.oracle.com/technology/deploy/security/c...
 CONFIRM : http://www.vmware.com/security/advisories/VMSA-200...
 CONFIRM : https://bugzilla.redhat.com/show_bug.cgi?id=512921
 MANDRIVA : MDVSA-2009:209
 OVAL : oval:org.mitre.oval:def:8520
 OVAL : oval:org.mitre.oval:def:9356
 REDHAT : RHSA-2009:1199
 REDHAT : RHSA-2009:1200
 REDHAT : RHSA-2009:1201
 REDHAT : RHSA-2009:1615
 REDHAT : RHSA-2009:1636
 REDHAT : RHSA-2009:1637
 REDHAT : RHSA-2009:1649
 REDHAT : RHSA-2009:1650
 SLACKWARE : SSA:2011-041-02
 SUSE : SUSE-SA:2009:053
 SUSE : SUSE-SR:2009:016
 SUSE : SUSE-SR:2009:017
 SUSE : SUSE-SR:2010:013
 CERT : TA09-294A
 CERT : TA10-012A
 UBUNTU : USN-890-1
SecurityVulns:Oracle multiple application security vulnerabilities
 OpenJDK multiple security vulnerabilities
 Oracle multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru