CVE-2012-1148

Name	CVE-2012-1148
Description	Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
Source	CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References	DSA-2525-1
NVD severity	medium (attack range: remote)
Debian Bugs	663579, 687672
Debian/oldstable	package xmlrpc-c is vulnerable.
Debian/stable	not vulnerable.
Debian/testing	not vulnerable.
Debian/unstable	not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
expat (PTS)	squeeze (security), squeeze	2.0.1-7+squeeze1	fixed
	wheezy	2.1.0-1+deb7u1	fixed
	jessie, sid	2.1.0-6	fixed
xmlrpc-c (PTS)	squeeze	1.06.27-1.1	vulnerable
	wheezy	1.16.33-3.2	fixed
	jessie, sid	1.33.14-0.2	fixed

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
expat	source	(unstable)	2.1.0~beta3-1	medium		663579
expat	source	squeeze	2.0.1-7+squeeze1	medium	DSA-2525-1
xmlrpc-c	source	(unstable)	1.16.33-3.2	low		687672

[squeeze] - xmlrpc-c <no-dsa> (Minor issue)