Vulnerability Details : CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2009-2416
Probability of exploitation activity in the next 30 days: 0.94%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-2416
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2009-2416
-
Assigned by: nvd@nist.gov (Primary)
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2416
-
http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursionPatch
-
http://www.vupen.com/english/advisories/2009/3184
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
Mailing List
-
http://support.apple.com/kb/HT3949
About the security content of Safari 4.0.4 - Apple SupportThird Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
VMSA-2009-0016.6Third Party Advisory
-
http://secunia.com/advisories/37346
About Secunia Research | FlexeraBroken Link
-
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
[SECURITY] Fedora 11 Update: mingw32-libxml2-2.7.3-2.fc11Mailing List
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
404 Not FoundBroken Link
-
http://www.vupen.com/english/advisories/2009/3316
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
XML flaw threatens apps built with Sun, Apache, Python libraries | Network WorldBroken Link
-
http://www.securityfocus.com/bid/36010
Broken Link;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:015 - openSUSE Security Announce - openSUSE Mailing ListsMailing List
-
http://secunia.com/advisories/36417
About Secunia Research | FlexeraBroken Link
-
http://www.vupen.com/english/advisories/2009/3217
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://support.apple.com/kb/HT3937
Page Not Found - Apple SupportThird Party Advisory
-
http://www.ubuntu.com/usn/USN-815-1
USN-815-1: libxml2 vulnerabilities | Ubuntu security notices | UbuntuThird Party Advisory
-
http://www.vupen.com/english/advisories/2009/2420
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://support.apple.com/kb/HT4225
About the security content of iOS 4 - Apple SupportThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
404 Not FoundBroken Link
-
http://www.cert.fi/en/reports/2009/vulnerability2009085.html
Etusivu | KyberturvallisuuskeskusBroken Link
-
http://secunia.com/advisories/36631
About Secunia Research | FlexeraBroken Link
-
http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
CVE-2009-2414 / CVE-2009-2416Third Party Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
[SECURITY] Fedora 10 Update: libxml2-2.7.3-2.fc10Mailing List
-
http://www.codenomicon.com/labs/xml/
Vulnerabilities Found at CyRC - CyRC | SynopsysBroken Link
-
http://secunia.com/advisories/36207
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/35036
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/36338
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/37471
About Secunia Research | FlexeraBroken Link
-
https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
Fix a couple of problems in the parser (489f9671) · Commits · GNOME / libxml2 · GitLabPatch
-
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Broken Link;Third Party Advisory;VDB Entry
-
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
[SECURITY] Fedora 11 Update: libxml2-2.7.3-3.fc11Mailing List
-
http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
Chrome Releases: Stable Update: Security fixesRelease Notes
-
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
Mailing List
-
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
Apple - Lists.apple.comMailing List
-
http://www.debian.org/security/2009/dsa-1859
[SECURITY] [DSA 1859-1] New libxml2 packages fix several issuesMailing List;Patch
-
https://bugzilla.redhat.com/show_bug.cgi?id=515205
515205 – (CVE-2009-2416) CVE-2009-2416 libxml, libxml2, mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute typesIssue Tracking;Patch
Products affected by CVE-2009-2416
- cpe:2.3:a:sun:openoffice.org:*:*:*:*:*:*:*:*
- cpe:2.3:a:sun:openoffice.org:*:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*