Vulnerabilities

CVE-2009-2473

by Fred · 21/08/2009

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Date published : 2009-08-21

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://support.apple.com/kb/HT4435

Similar

Tags: Cybersecurity Alert