Vulnerability Details : CVE-2012-0876
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
Vulnerability category: Denial of service
Products affected by CVE-2012-0876
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
- cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
Threat overview for CVE-2012-0876
Top open port discovered on systems with this issue: 8123
IPs affected by CVE-2012-0876: 112,606
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2012-0876
EPSS score: 0.40% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~60% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2012-0876
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
CWE ids for CVE-2012-0876
- The product does not properly control the allocation and maintenance of a limited resource. Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0876
- http://rhn.redhat.com/errata/RHSA-2012-0731.html
  RHSA-2012:0731 - Security Advisory - Red Hat Customer Portal [Third Party Advisory]
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
  Oracle Solaris Bulletin - July 2016 [Third Party Advisory]
- http://www.ubuntu.com/usn/USN-1613-2
  USN-1613-2: Python 2.4 vulnerabilities | Ubuntu security notices [Third Party Advisory]
- https://www.tenable.com/security/tns-2016-20
  [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities - Security Advisory | Tenable® [Third Party Advisory]
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:041
  mandriva.com [Broken Link]
- http://rhn.redhat.com/errata/RHSA-2016-2957.html
  RHSA-2016:2957 - Security Advisory - Red Hat Customer Portal [Third Party Advisory]
- http://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127
  Expat XML Parser / Bugs / #496 CVE-2012-0876 - Hash DOS attack [Third Party Advisory]
- http://sourceforge.net/projects/expat/files/expat/2.1.0/
  Expat XML Parser - Browse /expat/2.1.0 at SourceForge.net [Release Notes; Third Party Advisory]
- http://www.debian.org/security/2012/dsa-2525
  Debian -- Security Information -- DSA-2525-1 expat [Third Party Advisory]
- http://secunia.com/advisories/51024
  Sign in [Not Applicable]
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
  Apple - Lists.apple.com [Broken Link; Mailing List]
- http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html
  403 Forbidden [Broken Link]
- http://bugs.python.org/issue13703#msg151870
  Issue 13703: Hash collision security issue - Python tracker [Issue Tracking; Third Party Advisory]
- http://secunia.com/advisories/49504
  Sign in [Not Applicable]
- http://secunia.com/advisories/51040
  Sign in [Not Applicable]
- http://www.securityfocus.com/bid/52379
  Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities [Third Party Advisory; VDB Entry]
- https://support.apple.com/HT205637
  About the security content of OS X El Capitan 10.11.2, Security Update 2015-005 Yosemite, and Security Update 2015-008 Mavericks - Apple Support [Third Party Advisory]
- http://www.ubuntu.com/usn/USN-1527-1
  USN-1527-1: Expat vulnerabilities | Ubuntu security notices [Third Party Advisory]
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
  Apple - Lists.apple.com [Broken Link; Mailing List]
- http://rhn.redhat.com/errata/RHSA-2016-0062.html
  RHSA-2016:0062 - Security Advisory - Red Hat Customer Portal [Third Party Advisory]
- http://www.ubuntu.com/usn/USN-1613-1
  USN-1613-1: Python 2.5 vulnerabilities | Ubuntu security notices [Third Party Advisory]
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
  Security Bulletin - Policy Auditor update fixes multiple vulnerabilities in third-party libraries (CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2017-17740, CVE-2017-9287, CVE-2019-13057, CVE-2020- [Broken Link]