Xerces-C++ Nested DTD Structure XML Parsing Remote Denial of Service Vulnerability

Bugtraq ID: 35986
Class: Design Error
CVE: CVE-2009-1885
Remote: Yes
Local: No
Published: Aug 07 2009 12:00AM
Updated: Apr 13 2015 09:34PM
Credit: Jukka Taimisto, Tero Rontti and Rauli Kaksonen from the CROSS project at Codenomicon Ltd
Vulnerable: SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
Pardus Linux 2009 0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Mandriva Linux Mandrake 2008.1 x86_64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Apache Xerces C++ 3.0.1
Apache Xerces C++ 3.0
Apache Xerces C++ 2.8
Apache Xerces C++ 2.6 .0
Apache Xerces C++ 2.5 .0
Apache Xerces C++ 2.2
Apache Xerces C++ 2.1 .0
Apache Xerces C++ 1.7
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus