Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libexpat | Libexpat_project | * | 2.0.1 (including) |
Libexpat | Libexpat_project | 1.95.1 (including) | 1.95.1 (including) |
Libexpat | Libexpat_project | 1.95.2 (including) | 1.95.2 (including) |
Libexpat | Libexpat_project | 1.95.4 (including) | 1.95.4 (including) |
Libexpat | Libexpat_project | 1.95.5 (including) | 1.95.5 (including) |
Libexpat | Libexpat_project | 1.95.6 (including) | 1.95.6 (including) |
Libexpat | Libexpat_project | 1.95.7 (including) | 1.95.7 (including) |
Libexpat | Libexpat_project | 1.95.8 (including) | 1.95.8 (including) |
Libexpat | Libexpat_project | 2.0.0 (including) | 2.0.0 (including) |