Security Advisory

CVE-2012-1148

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-03 19:00:00
Last updated 2024-08-06 18:45:27
Assigner redhat
State PUBLISHED

Description

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.