CVE-2012-1148 in Apple iTunesinfo

Summary

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

Reservation

02/14/2012

Disclosure

07/03/2012

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
99036	Apple iTunes Expat resource management	399	Not defined	Official fix	CVE-2012-1148
79576	Apple Mac OS X libexpat resource management	399	Not defined	Official fix	CVE-2012-1148
61176	Libexpat xmlparse.c poolGrow resource management	399	Not defined	Official fix	CVE-2012-1148

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!