Back to search
CVE-2013-0338
Published: Apr 25, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
52662
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:0555
vendor-advisory
x_refsource_SUSE
SUSE-SU-2013:1627
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=912400
x_refsource_CONFIRM
openSUSE-SU-2013:0552
vendor-advisory
x_refsource_SUSE
SSRT101996
vendor-advisory
x_refsource_HP
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
x_refsource_CONFIRM
DSA-2652
vendor-advisory
x_refsource_DEBIAN
HPSBGN03302
vendor-advisory
x_refsource_HP
55568
third-party-advisory
x_refsource_SECUNIA
USN-1782-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2013:056
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now