Oval Definition:	oval:org.mitre.oval:def:23415
Revision Date: 2014-05-26 Version: 14 Title: ELSA-2013:0131: gnome-vfs2 security and bug fix update (Low) Description: neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2009-2473 ELSA-2013:0131-00 Platform(s): Oracle Linux 5 Product(s): gnome-vfs2 Definition Synopsis Oracle Linux 5.x AND rpm test gnome-vfs2 is earlier than 0:2.16.2-10.el5 OR gnome-vfs2-devel is earlier than 0:2.16.2-10.el5 OR gnome-vfs2-smb is earlier than 0:2.16.2-10.el5
BACK