OVAL Reference oval:com.ubuntu.disco:def:201211480000000

Oval Definition:

oval:com.ubuntu.disco:def:201211480000000

Revision Date:	2012-07-03	Version:	1
Title:	CVE-2012-1148 on Ubuntu 19.04 (disco) - low.
Description:	Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2012-1148
Platform(s):	Ubuntu 19.04	Product(s):
Definition Synopsis
Ubuntu 19.04 (disco) is installed. AND Package Information apache2: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR apr-util: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR cadaver: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR cmake: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR expat package in disco, is related to the CVE in some way and has been fixed (note: '2.1.0-1'). OR ghostscript: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR matanza: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR smart: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR swish-e: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR texlive-bin: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'code-not-compiled'). OR tla package in disco, is related to the CVE in some way and has been fixed (note: '1.3.5+dfsg-15'). OR vnc4: while related to the CVE in some way, a decision has been made to ignore this issue. OR xmlrpc-c package in disco was vulnerable but has been fixed (note: '1.16.33-3.1ubuntu6'). OR xotcl: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').

BACK