The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jabberd | Jabberstudio | 1.4 (including) | 1.4 (including) |
Jabberd | Jabberstudio | 1.4.1 (including) | 1.4.1 (including) |
Jabberd | Jabberstudio | 1.4.2 (including) | 1.4.2 (including) |
Jabberd | Jabberstudio | 1.4.2a (including) | 1.4.2a (including) |
Jabberd | Jabberstudio | 1.4.3 (including) | 1.4.3 (including) |
Jadc2s | Jabberstudio | 0.6 (including) | 0.6 (including) |
Jadc2s | Jabberstudio | 0.7 (including) | 0.7 (including) |
Jadc2s | Jabberstudio | 0.8 (including) | 0.8 (including) |
Jadc2s | Jabberstudio | 0.9 (including) | 0.9 (including) |