Name | CVE-2009-3720 |
Description | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-1921-1, DSA-1977-1 |
Debian Bugs | 551936, 551938, 560912, 560913, 560914, 560915, 560916, 560917, 560919, 560920, 560921, 560922, 560924, 560925, 560926, 560927, 560928, 560929, 560930, 560931, 560932, 560933, 560935, 560936, 560937, 560940, 560942, 560944, 560945, 560946, 560950, 560951, 560953, 601053 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
audacity (PTS) | bullseye | 2.4.2~dfsg0-5 | fixed |
bookworm | 3.2.4+dfsg-1 | fixed | |
sid, trixie | 3.6.4+dfsg-1 | fixed | |
cadaver (PTS) | bullseye | 0.23.3-2.1 | vulnerable |
bookworm | 0.24+dfsg-1 | vulnerable | |
sid, trixie | 0.24+dfsg-4 | vulnerable | |
cmake (PTS) | bullseye | 3.18.4-2+deb11u1 | fixed |
bookworm | 3.25.1-1 | fixed | |
sid, trixie | 3.30.5-1 | fixed | |
coin3 (PTS) | bullseye | 4.0.0+ds-1 | vulnerable |
bookworm | 4.0.0+ds-3 | vulnerable | |
sid, trixie | 4.0.2+ds-2 | vulnerable | |
expat (PTS) | bullseye | 2.2.10-2+deb11u5 | fixed |
bullseye (security) | 2.2.10-2+deb11u6 | fixed | |
bookworm | 2.5.0-1 | fixed | |
bookworm (security) | 2.5.0-1+deb12u1 | fixed | |
sid, trixie | 2.6.3-2 | fixed | |
gdcm (PTS) | bullseye | 3.0.8-2 | fixed |
bookworm | 3.0.21-1 | fixed | |
sid, trixie | 3.0.24-5 | fixed | |
ghostscript (PTS) | bullseye | 9.53.3~dfsg-7+deb11u7 | fixed |
bullseye (security) | 9.53.3~dfsg-7+deb11u8 | fixed | |
bookworm | 10.0.0~dfsg-11+deb12u4 | fixed | |
bookworm (security) | 10.0.0~dfsg-11+deb12u5 | fixed | |
sid, trixie | 10.04.0~dfsg-1 | fixed | |
matanza (PTS) | sid, bookworm, bullseye | 0.13+ds2-1 | vulnerable |
mcabber (PTS) | bullseye | 1.1.2-1 | fixed |
sid, trixie, bookworm | 1.1.2-2 | fixed | |
paraview (PTS) | bullseye | 5.9.0-2 | fixed |
bookworm | 5.11.0+dfsg-1 | fixed | |
sid | 5.13.1+dfsg-8 | fixed | |
poco (PTS) | bullseye | 1.10.0-6+deb11u1 | fixed |
bookworm | 1.11.0-3 | fixed | |
sid, trixie | 1.13.0-6 | fixed | |
simgear (PTS) | bullseye | 1:2020.3.6+dfsg-1 | fixed |
bookworm | 1:2020.3.16+dfsg-1 | fixed | |
sid, trixie | 1:2020.3.18+dfsg-2.1 | fixed | |
tdom (PTS) | bullseye | 0.9.2-1 | fixed |
bookworm | 0.9.3-1 | fixed | |
sid, trixie | 0.9.5-1 | fixed | |
texlive-bin (PTS) | bullseye | 2020.20200327.54578-7+deb11u1 | fixed |
bullseye (security) | 2020.20200327.54578-7+deb11u2 | fixed | |
bookworm | 2022.20220321.62855-5.1+deb12u1 | fixed | |
sid, trixie | 2024.20240313.70630+ds-5 | fixed | |
tla (PTS) | bullseye | 1.3.5+dfsg1-2 | fixed |
bookworm | 1.3.5+dfsg1-2.1 | fixed | |
sid | 1.3.5+dfsg2-1 | fixed | |
udunits (PTS) | bullseye | 2.2.28-3 | fixed |
bookworm | 2.2.28-5 | fixed | |
sid, trixie | 2.2.28-7 | fixed | |
xmlrpc-c (PTS) | bullseye | 1.33.14-9 | fixed |
bookworm | 1.33.14-11 | fixed | |
sid, trixie | 1.59.03-5 | fixed | |
xotcl (PTS) | bullseye | 1.6.8-4.1 | fixed |
sid, trixie, bookworm | 1.6.8-5 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
audacity | source | (unstable) | 1.3.2-1 | unimportant | 560919 | |
ayttm | source | (unstable) | 0.6.1-2 | low | 560924 | |
cableswig | source | (unstable) | (unfixed) | unimportant | 560925 | |
cadaver | source | (unstable) | (unfixed) | unimportant | 560926 | |
centerim | source | (unstable) | 4.22.10-1 | low | ||
cmake | source | (unstable) | 2.6.0-6 | unimportant | 560927 | |
coin3 | source | (unstable) | (unfixed) | unimportant | 560928 | |
expat | source | etch | 1.95.8-3.4+etch1 | DSA-1921-1 | ||
expat | source | lenny | 2.0.1-4+lenny1 | DSA-1921-1 | ||
expat | source | (unstable) | 2.0.1-5 | low | 551936 | |
gdcm | source | (unstable) | 2.0.14-2 | low | 560929 | |
ghostscript | source | (unstable) | 8.71~dfsg-2 | unimportant | 560930 | |
grmonitor | source | (unstable) | (unfixed) | unimportant | 560931 | |
gs-gpl | source | (unstable) | (unfixed) | unimportant | ||
iceape | source | (unstable) | (unfixed) | unimportant | 560932 | |
iceweasel | source | (unstable) | (not affected) | |||
insighttoolkit | source | (unstable) | 3.16.0-1 | unimportant | 560933 | |
kompozer | source | (unstable) | 1:0.8~b1-2 | unimportant | 560944 | |
matanza | source | (unstable) | (unfixed) | unimportant | 560920 | |
mcabber | source | (unstable) | 0.10.0-1 | low | 601053 | |
paraview | source | (unstable) | 3.6.2-1 | unimportant | 560935 | |
poco | source | (unstable) | 1.3.6p1-1 | unimportant | 560936 | |
python-4suite | source | (unstable) | 1.0.2-7.2 | low | 560914 | |
python-xml | source | lenny | 0.8.4-10.1+lenny1 | |||
python-xml | source | (unstable) | (unfixed) | low | 560951 | |
python2.4 | source | etch | 2.4.4-3+etch3 | DSA-1977-1 | ||
python2.4 | source | lenny | 2.4.6-1+lenny1 | DSA-1977-1 | ||
python2.4 | source | (unstable) | 2.4.4-3etch3 | low | 560913 | |
python2.5 | source | etch | 2.5-5+etch2 | DSA-1977-1 | ||
python2.5 | source | lenny | 2.5.2-15+lenny1 | DSA-1977-1 | ||
python2.5 | source | (unstable) | 2.5.4-3.1 | low | 560912 | |
simgear | source | (unstable) | 2.10.0-1 | unimportant | 560937 | |
smart | source | (unstable) | 1.2-5 | low | 560953 | |
tdom | source | (unstable) | 0.8.3~20080525-1 | low | 560921 | |
texlive-bin | source | (unstable) | (not affected) | |||
tla | source | lenny | 1.3.5+dfsg-14+lenny1 | |||
tla | source | (unstable) | 1.3.5+dfsg-15 | unimportant | 560940 | |
udunits | source | (unstable) | 2.1.8-4 | unimportant | 560922 | |
vnc4 | source | (unstable) | (not affected) | |||
vxl | source | (unstable) | 1.13.0-2 | low | 560945 | |
w3c-libwww | source | (unstable) | (unfixed) | low | 551938 | |
wxwidgets2.6 | source | (unstable) | 2.6.3.2.2-4 | unimportant | 560916 | |
wxwidgets2.8 | source | (unstable) | 2.8.10.1-2 | unimportant | 560917 | |
wxwindows2.4 | source | (unstable) | (unfixed) | unimportant | 560915 | |
xmlrpc-c | source | (unstable) | 1.06.27-1.1 | low | 560942 | |
xotcl | source | (unstable) | 1.6.5-1.2 | low | 560950 | |
xulrunner | source | (unstable) | (unfixed) | unimportant | 560946 |
[lenny] - mcabber <no-dsa> (Minor issue)
[etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
[etch] - python-xml <no-dsa> (minor issue)
[etch] - python-4suite <no-dsa> (Minor issue)
[lenny] - python-4suite <no-dsa> (Minor issue)
[etch] - tdom <no-dsa> (minor issue)
[etch] - ayttm <no-dsa> (minor issue)
[lenny] - ayttm <no-dsa> (minor issue)
[lenny] - centerim <no-dsa> (Minor issue)
[etch] - smart <no-dsa> (minor issue)
[lenny] - smart <no-dsa> (minor issue)
[etch] - xmlrpc-c <no-dsa> (minor issue)
[lenny] - xmlrpc-c <no-dsa> (minor issue)
- iceweasel <not-affected> (uses xulrunner; bug #560943)
- texlive-bin <not-affected> (Files are not compiled in, see #560948)
- vnc4 <not-affected> (Not affected, see bug #560949)
[lenny] - xotcl <no-dsa> (minor issue)