CVE-2012-1147
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
03/07/2012
Last modified:
11/04/2025
Description
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:apple:mac_os_x:10.11.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:* | 2.0.1 (including) | |
cpe:2.3:a:libexpat_project:libexpat:1.95.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.6:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.7:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:1.95.8:*:*:*:*:*:*:* | ||
cpe:2.3:a:libexpat_project:libexpat:2.0.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14&r2=1.15
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
- http://sourceforge.net/projects/expat/files/expat/2.1.0/
- http://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127
- http://trac.wxwidgets.org/ticket/11194
- http://trac.wxwidgets.org/ticket/11432
- http://www.securityfocus.com/bid/52379
- http://www.securitytracker.com/id/1034344
- https://support.apple.com/HT205637
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14&r2=1.15
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
- http://sourceforge.net/projects/expat/files/expat/2.1.0/
- http://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127
- http://trac.wxwidgets.org/ticket/11194
- http://trac.wxwidgets.org/ticket/11432
- http://www.securityfocus.com/bid/52379
- http://www.securitytracker.com/id/1034344
- https://support.apple.com/HT205637