Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability

Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability

References:

[Expat-bugs] [ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 (Peter Valchev)
Apache HTTP Server 2.2.17 Released (Apache Software Foundation)
APR-util Changelog (Apache Software Foundation)
expat bug 1990430 (Robert Buchholz)
Expat Homepage (James Clark)
Gentoo Bug 280615 - (Robert Buchholz)

HPSBUX02645 SSRT100387 rev.1 - HP-UX Apache Web Server, Remote Information Discl (HP)
Python Homepage (Python Software Foundation)
Recommended fixes for WebSphere Application Server (IBM)
Revision 74429 (brett.cannon)
VMSA-2012-0001 (VMWare)
What's New in Python 2.5.5c2? (Python Software Foundation)
What's New in Python 3.1.1? (Python Software Foundation)
ASA-2010-003 expat security update (RHSA-2009-1625) (Avaya)
ASA-2010-008 (Avaya)
ASA-2010-025: PyXML security update (RHSA-2010-0002) (Avaya)
ASA-2011-157 python security update (RHSA-2011-0491) (Avaya)
ASA-2011-170 python security update (RHSA-2011-0492) (Avaya)
Multiple Security Vulnerabilities in the libexpat Library May Lead to a Denial o (Sun Microsystems)
PM24234: mod_dav UTF-8 sequence handling problem (IBM)
September 13, 2011 - Director multiple Apache vulnerabilities (Blue Coat)

Privacy Statement
Copyright 2010, SecurityFocus