Vulnerability Details : CVE-2009-1885
Potential exploit
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2009-1885
- cpe:2.3:a:apache:xerces-c\+\+:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.8.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1885
- 0.13%: probability of exploitation activity in the next 30 days
- ~ 47%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-1885
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
CWE ids for CVE-2009-1885
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2009-1885
- Red Hat 2009-08-12: Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-1885 The Red Hat Security Response Team has rated this issue as having low security impact; a future xerces-c packages update in Red Hat Enterprise MRG 1.1 may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
References for CVE-2009-1885
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01099.html
  [SECURITY] Fedora 10 Update: xerces-c-2.8.0-5.fc10
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52321
  Xerces C++ DTD structure denial of service CVE-2009-2416 Vulnerability Report
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01136.html
  [SECURITY] Fedora 11 Update: xerces-c-2.8.0-5.fc11
- https://bugzilla.redhat.com/show_bug.cgi?id=515515
  515515 – (CVE-2009-1885) CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures (Patch)
- http://www.vupen.com/english/advisories/2009/2196
  Site under construction (Patch; Vendor Advisory)
- http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
  XML flaw threatens apps built with Sun, Apache, Python libraries | Network World
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01001.html
  [SECURITY] Fedora 10 Update: xerces-c27-2.7.0-8.fc10
- http://www.securityfocus.com/bid/35986
- http://svn.apache.org/viewvc?view=rev&revision=781488
  [Apache-SVN] Revision 781488 (Exploit)
- http://www.cert.fi/en/reports/2009/vulnerability2009085.html
  Home | Kyberturvallisuuskeskus
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:223
  Mandriva
- http://svn.apache.org/viewvc/xerces/c/trunk/src/xercesc/validators/DTD/DTDScanner.cpp?r1=781488&r2=781487&pathrev=781488&view=patch
- http://www.codenomicon.com/labs/xml/
  Vulnerabilities Found at CyRC - CyRC | Synopsys
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01150.html
  [SECURITY] Fedora 11 Update: xerces-c27-2.7.0-8.fc11