Vulnerability in Apple Mac_os_x
CVE-2012-1148
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled r…
EPSS: 0.010 (77.0th percentile) — read the EPSS interpretation.
Affected products
- Apple Mac_os_x
- Libexpat_project Libexpat — versions 1.95.1, 1.95.2, 1.95.4
- N/a — versions n/a
Weakness classification (CWE)
References
- 49504 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- USN-1527-1 (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- 1034344 (vdb-entry, x_refsource_SECTRACK)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- 51040 (x_refsource_SECUNIA, third-party-advisory)
- RHSA-2012:0731 (x_refsource_REDHAT, vendor-advisory)
- 52379 (vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM)
- RHSA-2016:0062 (x_refsource_REDHAT, vendor-advisory)