Mandriva Linux Security Advisory 2009-223 - Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework. This update provides a solution to this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
ec20b3493610025eeee650a11f31954eace01b2226bdda739015618531fdcb41Mandriva Linux Security Advisory 2009-223 - Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework. This update provides a solution to this vulnerability.
a3906b3d2d9df7d4e98bc6f329777e914a9694aab0e0df43f586012842663e1d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed