Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-2625
Description:XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Test IDs: 1.3.6.1.4.1.25623.1.0.65850   1.3.6.1.4.1.25623.1.0.66678   1.3.6.1.4.1.25623.1.0.66383   1.3.6.1.4.1.25623.1.0.65711   1.3.6.1.4.1.25623.1.0.64691   1.3.6.1.4.1.25623.1.0.66145   1.3.6.1.4.1.25623.1.0.64686   1.3.6.1.4.1.25623.1.0.66687   1.3.6.1.4.1.25623.1.0.64684   1.3.6.1.4.1.25623.1.0.66617   1.3.6.1.4.1.25623.1.0.66317   1.3.6.1.4.1.25623.1.0.66408   1.3.6.1.4.1.25623.1.0.68152   1.3.6.1.4.1.25623.1.0.66698   1.3.6.1.4.1.25623.1.0.66630   1.3.6.1.4.1.25623.1.0.66391   1.3.6.1.4.1.25623.1.0.64690   1.3.6.1.4.1.25623.1.0.64692   1.3.6.1.4.1.25623.1.0.66697   1.3.6.1.4.1.25623.1.0.66389   1.3.6.1.4.1.25623.1.0.66385   1.3.6.1.4.1.25623.1.0.66410   1.3.6.1.4.1.25623.1.0.66361   1.3.6.1.4.1.25623.1.0.64687   1.3.6.1.4.1.25623.1.0.64683   1.3.6.1.4.1.25623.1.0.64685   1.3.6.1.4.1.25623.1.0.69826   1.3.6.1.4.1.25623.1.0.69787   1.3.6.1.4.1.25623.1.0.122416   1.3.6.1.4.1.25623.1.0.122149   1.3.6.1.4.1.25623.1.0.870688   1.3.6.1.4.1.25623.1.0.880711   1.3.6.1.4.1.25623.1.0.831417  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-2625
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
BugTraq ID: 35958
http://www.securityfocus.com/bid/35958
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Cert/CC Advisory: TA09-294A
http://www.us-cert.gov/cas/techalerts/TA09-294A.html
Cert/CC Advisory: TA10-012A
http://www.us-cert.gov/cas/techalerts/TA10-012A.html
Debian Security Information: DSA-1984 (Google Search)
http://www.debian.org/security/2010/dsa-1984
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
HPdes Security Advisory: HPSBUX02476
http://marc.info/?l=bugtraq&m=125787273209737&w=2
HPdes Security Advisory: SSRT090250
http://marc.info/?l=bugtraq&m=125787273209737&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
http://www.mandriva.com/security/advisories?name=MDVSA-2011:108
http://www.cert.fi/en/reports/2009/vulnerability2009085.html
http://www.codenomicon.com/labs/xml/
http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55@%3Csolr-user.lucene.apache.org%3E
http://www.openwall.com/lists/oss-security/2009/09/06/1
http://www.openwall.com/lists/oss-security/2009/10/22/9
http://www.openwall.com/lists/oss-security/2009/10/23/6
http://www.openwall.com/lists/oss-security/2009/10/26/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356
RedHat Security Advisories: RHSA-2009:1199
https://rhn.redhat.com/errata/RHSA-2009-1199.html
RedHat Security Advisories: RHSA-2009:1200
https://rhn.redhat.com/errata/RHSA-2009-1200.html
RedHat Security Advisories: RHSA-2009:1201
https://rhn.redhat.com/errata/RHSA-2009-1201.html
RedHat Security Advisories: RHSA-2009:1615
http://www.redhat.com/support/errata/RHSA-2009-1615.html
RedHat Security Advisories: RHSA-2009:1636
https://rhn.redhat.com/errata/RHSA-2009-1636.html
RedHat Security Advisories: RHSA-2009:1637
https://rhn.redhat.com/errata/RHSA-2009-1637.html
RedHat Security Advisories: RHSA-2009:1649
https://rhn.redhat.com/errata/RHSA-2009-1649.html
RedHat Security Advisories: RHSA-2009:1650
https://rhn.redhat.com/errata/RHSA-2009-1650.html
RedHat Security Advisories: RHSA-2011:0858
http://www.redhat.com/support/errata/RHSA-2011-0858.html
RedHat Security Advisories: RHSA-2012:1232
http://rhn.redhat.com/errata/RHSA-2012-1232.html
RedHat Security Advisories: RHSA-2012:1537
http://rhn.redhat.com/errata/RHSA-2012-1537.html
http://www.securitytracker.com/id?1022680
http://secunia.com/advisories/36162
http://secunia.com/advisories/36176
http://secunia.com/advisories/36180
http://secunia.com/advisories/36199
http://secunia.com/advisories/37300
http://secunia.com/advisories/37460
http://secunia.com/advisories/37671
http://secunia.com/advisories/37754
http://secunia.com/advisories/38231
http://secunia.com/advisories/38342
http://secunia.com/advisories/43300
http://secunia.com/advisories/50549
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
SuSE Security Announcement: SUSE-SA:2009:053 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
SuSE Security Announcement: SUSE-SR:2009:016 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://www.ubuntu.com/usn/USN-890-1
http://www.vupen.com/english/advisories/2009/2543
http://www.vupen.com/english/advisories/2009/3316
http://www.vupen.com/english/advisories/2011/0359




© 1998-2024 E-Soft Inc. All rights reserved.