CVE-2012-1148
expat: Memory leak in poolGrow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
Múltiples fugas de memoria en la función poolGrow en expat/lib/xmlparse.c en expat anteriores a v2.1.0 podría permitir a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un número largo de ficheros XML manipulados que provocan fallos en la relocalización cuando se expanden las entidades.
A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted.
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-02-14 CVE Reserved
- 2012-07-03 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/51024 | Third Party Advisory | |
| http://secunia.com/advisories/51040 | Third Party Advisory | |
| http://sourceforge.net/projects/expat/files/expat/2.1.0 | X_refsource_confirm | |
| http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2958794&group_id=10127 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/52379 | Vdb Entry | |
| http://www.securitytracker.com/id/1034344 | Vdb Entry | |
| https://support.apple.com/HT205637 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167 | 2021-01-25 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html | 2021-01-25 | |
| http://rhn.redhat.com/errata/RHSA-2012-0731.html | 2021-01-25 | |
| http://rhn.redhat.com/errata/RHSA-2016-0062.html | 2021-01-25 | |
| http://rhn.redhat.com/errata/RHSA-2016-2957.html | 2021-01-25 | |
| http://secunia.com/advisories/49504 | 2021-01-25 | |
| http://www.debian.org/security/2012/dsa-2525 | 2021-01-25 | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:041 | 2021-01-25 | |
| http://www.ubuntu.com/usn/USN-1527-1 | 2021-01-25 | |
| http://www.ubuntu.com/usn/USN-1613-1 | 2021-01-25 | |
| http://www.ubuntu.com/usn/USN-1613-2 | 2021-01-25 | |
| https://access.redhat.com/security/cve/CVE-2012-1148 | 2016-12-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=801648 | 2016-12-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | <= 2.0.1 Search vendor "Libexpat Project" for product "Libexpat" and version " <= 2.0.1" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.1 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.1" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.2 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.2" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.4 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.4" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.5 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.5" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.6 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.6" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.7 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.7" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 1.95.8 Search vendor "Libexpat Project" for product "Libexpat" and version "1.95.8" | - |
Affected
| ||||||
| Libexpat Project Search vendor "Libexpat Project" | Libexpat Search vendor "Libexpat Project" for product "Libexpat" | 2.0.0 Search vendor "Libexpat Project" for product "Libexpat" and version "2.0.0" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | <= 10.11.1 Search vendor "Apple" for product "Mac Os X" and version " <= 10.11.1" | - |
Affected
| ||||||