CVE-2012-6702

Published: Jun 16, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.tenable.com/security/tns-2016-20

x_refsource_CONFIRM

91483

vdb-entry

x_refsource_BID

DSA-3597

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20160603 Re: expat hash collision fix too predictable?

mailing-list

x_refsource_MLIST

[oss-security] 20160603 Re: expat hash collision fix too predictable?

mailing-list

x_refsource_MLIST

GLSA-201701-21

vendor-advisory

x_refsource_GENTOO

https://source.android.com/security/bulletin/2016-11-01.html

x_refsource_CONFIRM

USN-3010-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6702

Description

Affected Products

References