Juniper Networks

Signature Detail

Short Name: HTTP:STC:DL:XPAT-MAL-XML
Severity: High
Recommended: No
Category: HTTP
Keywords: Expat Malformed XML Overflow
Release Date: 2012/11/11
Update Number: 2202
Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Expat Malformed XML Overflow


This signature detects attempts to exploit a known flaw in Expat. The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read.

Extended Description

The Expat library is prone to a remote denial-of-service vulnerability because it fails to properly handle crafted XML data. Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable XML parsing library. Expat 2.0.1 is vulnerable; other versions may also be affected.

Affected Products

  • Apache Software Foundation Apache 2.2
  • Apache Software Foundation Apache 2.2.0
  • Apache Software Foundation Apache 2.2.1
  • Apache Software Foundation Apache 2.2.10
  • Apache Software Foundation Apache 2.2.11
  • Apache Software Foundation Apache 2.2.12
  • Apache Software Foundation Apache 2.2.13
  • Apache Software Foundation Apache 2.2.14
  • Apache Software Foundation Apache 2.2.15
  • Apache Software Foundation Apache 2.2.15-Dev
  • Apache Software Foundation Apache 2.2.16
  • Apache Software Foundation Apache 2.2.2
  • Apache Software Foundation Apache 2.2.3
  • Apache Software Foundation Apache 2.2.4
  • Apache Software Foundation Apache 2.2.5
  • Apache Software Foundation Apache 2.2.5-Dev
  • Apache Software Foundation Apache 2.2.6
  • Apache Software Foundation Apache 2.2.6-Dev
  • Apache Software Foundation Apache 2.2.7-Dev
  • Apache Software Foundation Apache 2.2.8
  • Apache Software Foundation Apache 2.2.9
  • Apache Software Foundation APR-util 1.3.0
  • Apache Software Foundation APR-util 1.3.1
  • Apache Software Foundation APR-util 1.3.2
  • Apache Software Foundation APR-util 1.3.3
  • Apache Software Foundation APR-util 1.3.4
  • Apache Software Foundation APR-util 1.3.5
  • Apache Software Foundation APR-util 1.3.6
  • Apache Software Foundation APR-util 1.3.7
  • Apache Software Foundation APR-util 1.3.8
  • Apache Software Foundation APR-util 1.3.9
  • Avaya Aura Application Enablement Services 3.1
  • Avaya Aura Application Enablement Services 3.1.6
  • Avaya Aura Application Enablement Services 4.0
  • Avaya Aura Application Enablement Services 4.2
  • Avaya Aura Application Enablement Services 4.2.1
  • Avaya Aura Application Enablement Services 4.2.2
  • Avaya Aura Application Enablement Services 4.2.3
  • Avaya Aura Application Enablement Services 5.2
  • Avaya Aura Application Enablement Services 5.2.1
  • Avaya Aura Application Enablement Services 5.2.2
  • Avaya Aura Application Enablement Services 5.2.3
  • Avaya Aura Application Enablement Services 6.1
  • Avaya Aura Application Server 5300 SIP Core 2.0
  • Avaya Aura Communication Manager 4.0
  • Avaya Aura Communication Manager 5.1
  • Avaya Aura Communication Manager 5.2
  • Avaya Aura Communication Manager 5.2.1
  • Avaya Aura Communication Manager 6.0
  • Avaya Aura Communication Manager 6.0.1
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Presence Services 6.0
  • Avaya Aura Presence Services 6.1
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura Session Manager 6.0 SP1
  • Avaya Aura Session Manager 6.1
  • Avaya Aura SIP Enablement Services 3.0
  • Avaya Aura SIP Enablement Services 3.1
  • Avaya Aura SIP Enablement Services 3.1.0
  • Avaya Aura SIP Enablement Services 3.1.1
  • Avaya Aura SIP Enablement Services 4.0
  • Avaya Aura SIP Enablement Services 5.0
  • Avaya Aura SIP Enablement Services 5.1
  • Avaya Aura SIP Enablement Services 5.2
  • Avaya Aura SIP Enablement Services 5.2.1
  • Avaya Aura System Manager 1.0
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Aura System Manager 6.1
  • Avaya Aura System Manager 6.1.1
  • Avaya Aura System Platform 1.1
  • Avaya Aura System Platform 6.0
  • Avaya Aura System Platform 6.0 SP2
  • Avaya Aura System Platform 6.0 SP3
  • Avaya CMS Server 15.0
  • Avaya CMS Server 16.0
  • Avaya Communication Server 1000E 6.0
  • Avaya Communication Server 1000E 7.0
  • Avaya Communication Server 1000E 7.5
  • Avaya Communication Server 1000E Signaling Server 6.0
  • Avaya Communication Server 1000E Signaling Server 7.0
  • Avaya Communication Server 1000E Signaling Server 7.5
  • Avaya Communication Server 1000M 6.0
  • Avaya Communication Server 1000M 7.0
  • Avaya Communication Server 1000M 7.5
  • Avaya Communication Server 1000M Signaling Server 6.0
  • Avaya Communication Server 1000M Signaling Server 7.0
  • Avaya Communication Server 1000M Signaling Server 7.5
  • Avaya Interactive Response 3.0
  • Avaya Interactive Response 4.0
  • Avaya Intuity AUDIX LX 1.0
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity AUDIX LX 2.0 SP1
  • Avaya Intuity AUDIX LX 2.0 SP2
  • Avaya Intuity AUDIX LX R1.1
  • Avaya IP Office Application Server 6.1
  • Avaya IP Office Application Server 7.0
  • Avaya IQ 4.0
  • Avaya IQ 4.1.0
  • Avaya IQ 4.2
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya IQ 5.2
  • Avaya Meeting Exchange 5.0
  • Avaya Meeting Exchange 5.0.0.0.52
  • Avaya Meeting Exchange 5.0 SP1
  • Avaya Meeting Exchange 5.0 SP2
  • Avaya Meeting Exchange 5.1
  • Avaya Meeting Exchange 5.1 SP1
  • Avaya Meeting Exchange 5.2
  • Avaya Meeting Exchange 5.2 SP1
  • Avaya Meeting Exchange 5.2 SP2
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking 5.2.1
  • Avaya Message Networking 5.2.2
  • Avaya Message Networking 5.2 SP1
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.1 SP1
  • Avaya Messaging Storage Server 5.1 SP2
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server 5.2.2
  • Avaya Messaging Storage Server 5.2.8
  • Avaya Messaging Storage Server 5.2 SP1
  • Avaya Messaging Storage Server 5.2 SP2
  • Avaya Messaging Storage Server 5.2 SP3
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Avaya Proactive Contact 4.0
  • Avaya Proactive Contact 4.0.1
  • Avaya Proactive Contact 4.1
  • Avaya Proactive Contact 4.1.1
  • Avaya Proactive Contact 4.1.2
  • Avaya Proactive Contact 4.2
  • Avaya Proactive Contact 4.2.1
  • Avaya Voice Portal 3.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Avaya Voice Portal 4.1 SP1
  • Avaya Voice Portal 4.1 SP2
  • Avaya Voice Portal 5.0
  • Avaya Voice Portal 5.0 SP1
  • Avaya Voice Portal 5.0 SP2
  • Avaya Voice Portal 5.1
  • Avaya Voice Portal 5.1 SP1
  • Blue Coat Systems Director 4.2.2.4
  • Blue Coat Systems Director 5.2.2.5
  • Blue Coat Systems Director 5.4
  • Blue Coat Systems Director 5.5
  • Blue Coat Systems Director
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Armel
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Gentoo Linux
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • HP HP-UX Web Server Suite 2.31
  • HP HP-UX Web Server Suite 2.32
  • HP HP-UX Web Server Suite 3.10
  • HP HP-UX Web Server Suite 3.12
  • HP HP-UX Web Server Suite 3.13
  • IBM HTTP Server 6.1.0.31
  • IBM HTTP Server 7.0.0.11
  • IBM HTTP Server 7.0.0.13
  • James Clark Expat 2.0.1
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Pardus Linux 2008
  • Pardus Linux 2009
  • Python Software Foundation Python 2.0.0
  • Python Software Foundation Python 2.0.1
  • Python Software Foundation Python 2.1.0
  • Python Software Foundation Python 2.1.1
  • Python Software Foundation Python 2.1.2
  • Python Software Foundation Python 2.1.3
  • Python Software Foundation Python 2.2.0
  • Python Software Foundation Python 2.2.1
  • Python Software Foundation Python 2.2.2
  • Python Software Foundation Python 2.2.3
  • Python Software Foundation Python 2.3.0
  • Python Software Foundation Python 2.3.0 B1
  • Python Software Foundation Python 2.3.1
  • Python Software Foundation Python 2.3.2
  • Python Software Foundation Python 2.3.3
  • Python Software Foundation Python 2.3.4
  • Python Software Foundation Python 2.3.5
  • Python Software Foundation Python 2.3.6
  • Python Software Foundation Python 2.4.0
  • Python Software Foundation Python 2.4.1
  • Python Software Foundation Python 2.4.2
  • Python Software Foundation Python 2.4.3
  • Python Software Foundation Python 2.4.4
  • Python Software Foundation Python 2.4.4-R14
  • Python Software Foundation Python 2.4.5
  • Python Software Foundation Python 2.5
  • Python Software Foundation Python 2.5.1
  • Python Software Foundation Python 2.5.2
  • Python Software Foundation Python 2.5.2-R6
  • Python Software Foundation Python 2.5.3
  • Python Software Foundation Python 2.6.2
  • Python Software Foundation Python 3.0.1
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux Virtualization 5 Server
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 10
  • Red Hat Fedora 11
  • Red Hat Fedora 12
  • Red Hat Fedora 13
  • Red Hat Fedora 14
  • Red Hat Fedora 15
  • Red Hat JBoss Enterprise Web Server 5.0.0
  • Red Hat JBoss Enterprise Web Server EL4
  • Red Hat JBoss Enterprise Web Server for RHEL 4 AS 1.0.0
  • Red Hat JBoss Enterprise Web Server for RHEL 4 ES 1.0.0
  • Red Hat JBoss Enterprise Web Server for RHEL 5 Server 1.0.0
  • Red Hat JBoss Enterprise Web Server for RHEL 6 1.0.0
  • Red Hat JBoss Enterprise Web Server for Solaris 1.0.0
  • Red Hat JBoss Enterprise Web Server for Windows 1.0.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux 13.1
  • Slackware Linux 13.1 X86 64
  • Slackware Linux -Current
  • Slackware Linux X86 64 -Current
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris Build Snv 02
  • Sun OpenSolaris Build Snv 100
  • Sun OpenSolaris Build Snv 101
  • Sun OpenSolaris Build Snv 101A
  • Sun OpenSolaris Build Snv 102
  • Sun OpenSolaris Build Snv 103
  • Sun OpenSolaris Build Snv 104
  • Sun OpenSolaris Build Snv 105
  • Sun OpenSolaris Build Snv 106
  • Sun OpenSolaris Build Snv 107
  • Sun OpenSolaris Build Snv 108
  • Sun OpenSolaris Build Snv 109
  • Sun OpenSolaris Build Snv 110
  • Sun OpenSolaris Build Snv 111
  • Sun OpenSolaris Build Snv 111A
  • Sun OpenSolaris Build Snv 112
  • Sun OpenSolaris Build Snv 113
  • Sun OpenSolaris Build Snv 114
  • Sun OpenSolaris Build Snv 115
  • Sun OpenSolaris Build Snv 116
  • Sun OpenSolaris Build Snv 117
  • Sun OpenSolaris Build Snv 118
  • Sun OpenSolaris Build Snv 119
  • Sun OpenSolaris Build Snv 120
  • Sun OpenSolaris Build Snv 121
  • Sun OpenSolaris Build Snv 122
  • Sun OpenSolaris Build Snv 123
  • Sun OpenSolaris Build Snv 124
  • Sun OpenSolaris Build Snv 125
  • Sun OpenSolaris Build Snv 126
  • Sun OpenSolaris Build Snv 127
  • Sun OpenSolaris Build Snv 128
  • Sun OpenSolaris Build Snv 13
  • Sun OpenSolaris Build Snv 19
  • Sun OpenSolaris Build Snv 22
  • Sun OpenSolaris Build Snv 28
  • Sun OpenSolaris Build Snv 29
  • Sun OpenSolaris Build Snv 36
  • Sun OpenSolaris Build Snv 37
  • Sun OpenSolaris Build Snv 38
  • Sun OpenSolaris Build Snv 39
  • Sun OpenSolaris Build Snv 41
  • Sun OpenSolaris Build Snv 45
  • Sun OpenSolaris Build Snv 47
  • Sun OpenSolaris Build Snv 48
  • Sun OpenSolaris Build Snv 49
  • Sun OpenSolaris Build Snv 50
  • Sun OpenSolaris Build Snv 51
  • Sun OpenSolaris Build Snv 54
  • Sun OpenSolaris Build Snv 57
  • Sun OpenSolaris Build Snv 58
  • Sun OpenSolaris Build Snv 59
  • Sun OpenSolaris Build Snv 61
  • Sun OpenSolaris Build Snv 64
  • Sun OpenSolaris Build Snv 67
  • Sun OpenSolaris Build Snv 68
  • Sun OpenSolaris Build Snv 76
  • Sun OpenSolaris Build Snv 77
  • Sun OpenSolaris Build Snv 78
  • Sun OpenSolaris Build Snv 80
  • Sun OpenSolaris Build Snv 81
  • Sun OpenSolaris Build Snv 82
  • Sun OpenSolaris Build Snv 83
  • Sun OpenSolaris Build Snv 84
  • Sun OpenSolaris Build Snv 85
  • Sun OpenSolaris Build Snv 86
  • Sun OpenSolaris Build Snv 87
  • Sun OpenSolaris Build Snv 88
  • Sun OpenSolaris Build Snv 89
  • Sun OpenSolaris Build Snv 90
  • Sun OpenSolaris Build Snv 91
  • Sun OpenSolaris Build Snv 92
  • Sun OpenSolaris Build Snv 93
  • Sun OpenSolaris Build Snv 94
  • Sun OpenSolaris Build Snv 95
  • Sun OpenSolaris Build Snv 96
  • Sun OpenSolaris Build Snv 98
  • Sun OpenSolaris Build Snv 99
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • SuSE Linux 10.0
  • SuSE Linux 11
  • SuSE Linux 9
  • SuSE Moblin 2.0
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE SUSE Linux Enterprise 10 SP2
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc
  • VMWare ESX 4.0
  • VMWare ESX 4.1

References

  • BugTraq: 36097
  • CVE: CVE-2009-3720

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.