Vulnerability Details CVE-2012-1147
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 74.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14&r2=1.15
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
- http://sourceforge.net/projects/expat/files/expat/2.1.0/
- http://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127
- http://trac.wxwidgets.org/ticket/11194
- http://trac.wxwidgets.org/ticket/11432
- http://www.securityfocus.com/bid/52379
- http://www.securitytracker.com/id/1034344
- https://support.apple.com/HT205637
- http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?r1=1.14&r2=1.15
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
- http://sourceforge.net/projects/expat/files/expat/2.1.0/
- http://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127
- http://trac.wxwidgets.org/ticket/11194
- http://trac.wxwidgets.org/ticket/11432
- http://www.securityfocus.com/bid/52379
- http://www.securitytracker.com/id/1034344
- https://support.apple.com/HT205637
Products affected by CVE-2012-1147
-
cpe:2.3:a:libexpat_project:libexpat:-
-
cpe:2.3:a:libexpat_project:libexpat:1.95.0
-
cpe:2.3:a:libexpat_project:libexpat:1.95.1
-
cpe:2.3:a:libexpat_project:libexpat:1.95.2
-
cpe:2.3:a:libexpat_project:libexpat:1.95.3
-
cpe:2.3:a:libexpat_project:libexpat:1.95.4
-
cpe:2.3:a:libexpat_project:libexpat:1.95.5
-
cpe:2.3:a:libexpat_project:libexpat:1.95.6
-
cpe:2.3:a:libexpat_project:libexpat:1.95.7
-
cpe:2.3:a:libexpat_project:libexpat:1.95.8
-
cpe:2.3:a:libexpat_project:libexpat:2.0.0
-
cpe:2.3:a:libexpat_project:libexpat:2.0.1
-
cpe:2.3:o:apple:mac_os_x:10.11.0
-
cpe:2.3:o:apple:mac_os_x:10.11.1