CVE-2019-15903

CVE-2019-15903

Name

CVE-2019-15903

Description

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	https://github.com/libexpat/libexpat/pull/318
Patch	https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
Exploit	https://github.com/libexpat/libexpat/issues/317
UBUNTU	https://usn.ubuntu.com/4132-1/
CONFIRM	https://github.com/libexpat/libexpat/issues/342
BUGTRAQ	https://seclists.org/bugtraq/2019/Sep/30
MISC	http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
UBUNTU	https://usn.ubuntu.com/4132-2/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
DEBIAN	https://www.debian.org/security/2019/dsa-4530
BUGTRAQ	https://seclists.org/bugtraq/2019/Sep/37
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
CONFIRM	https://security.netapp.com/advisory/ntap-20190926-0004/
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
BUGTRAQ	https://seclists.org/bugtraq/2019/Oct/29
MISC	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
MISC	http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
UBUNTU	https://usn.ubuntu.com/4165-1/
DEBIAN	https://www.debian.org/security/2019/dsa-4549
REDHAT	https://access.redhat.com/errata/RHSA-2019:3237
REDHAT	https://access.redhat.com/errata/RHSA-2019:3210
BUGTRAQ	https://seclists.org/bugtraq/2019/Nov/1
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
REDHAT	https://access.redhat.com/errata/RHSA-2019:3756
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
MLIST	https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
BUGTRAQ	https://seclists.org/bugtraq/2019/Nov/24
DEBIAN	https://www.debian.org/security/2019/dsa-4571
MLIST	https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
GENTOO	https://security.gentoo.org/glsa/201911-08
UBUNTU	https://usn.ubuntu.com/4202-1/
CONFIRM	https://support.apple.com/kb/HT210788
CONFIRM	https://support.apple.com/kb/HT210785
CONFIRM	https://support.apple.com/kb/HT210790
CONFIRM	https://support.apple.com/kb/HT210789
BUGTRAQ	https://seclists.org/bugtraq/2019/Dec/21
BUGTRAQ	https://seclists.org/bugtraq/2019/Dec/23
BUGTRAQ	https://seclists.org/bugtraq/2019/Dec/17
CONFIRM	https://support.apple.com/kb/HT210793
CONFIRM	https://support.apple.com/kb/HT210795
CONFIRM	https://support.apple.com/kb/HT210794
FULLDISC	http://seclists.org/fulldisclosure/2019/Dec/23
FULLDISC	http://seclists.org/fulldisclosure/2019/Dec/26
FULLDISC	http://seclists.org/fulldisclosure/2019/Dec/27
FULLDISC	http://seclists.org/fulldisclosure/2019/Dec/30
SUSE	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
SUSE	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
N/A	https://www.oracle.com/security-alerts/cpuapr2020.html
UBUNTU	https://usn.ubuntu.com/4335-1/
MISC	https://www.oracle.com/security-alerts/cpuoct2020.html
CONFIRM	https://www.tenable.com/security/tns-2021-11
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

Type

URI

Issue Tracking

https://github.com/libexpat/libexpat/pull/318

Patch

https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43

Exploit

https://github.com/libexpat/libexpat/issues/317

UBUNTU

https://usn.ubuntu.com/4132-1/

CONFIRM

https://github.com/libexpat/libexpat/issues/342

BUGTRAQ

https://seclists.org/bugtraq/2019/Sep/30

MISC

http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html

UBUNTU

https://usn.ubuntu.com/4132-2/

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/

DEBIAN

https://www.debian.org/security/2019/dsa-4530

BUGTRAQ

https://seclists.org/bugtraq/2019/Sep/37

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/

CONFIRM

https://security.netapp.com/advisory/ntap-20190926-0004/

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

BUGTRAQ

https://seclists.org/bugtraq/2019/Oct/29

MISC

http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

MISC

http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html

UBUNTU

https://usn.ubuntu.com/4165-1/

DEBIAN

https://www.debian.org/security/2019/dsa-4549

REDHAT

https://access.redhat.com/errata/RHSA-2019:3237

REDHAT

https://access.redhat.com/errata/RHSA-2019:3210

BUGTRAQ

https://seclists.org/bugtraq/2019/Nov/1

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html

REDHAT

https://access.redhat.com/errata/RHSA-2019:3756

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html

MLIST

https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html

BUGTRAQ

https://seclists.org/bugtraq/2019/Nov/24

DEBIAN

https://www.debian.org/security/2019/dsa-4571

MLIST

https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html

GENTOO

https://security.gentoo.org/glsa/201911-08

UBUNTU

https://usn.ubuntu.com/4202-1/

CONFIRM

https://support.apple.com/kb/HT210788

CONFIRM

https://support.apple.com/kb/HT210785

CONFIRM

https://support.apple.com/kb/HT210790

CONFIRM

https://support.apple.com/kb/HT210789

BUGTRAQ

https://seclists.org/bugtraq/2019/Dec/21

BUGTRAQ

https://seclists.org/bugtraq/2019/Dec/23

BUGTRAQ

https://seclists.org/bugtraq/2019/Dec/17

CONFIRM

https://support.apple.com/kb/HT210793

CONFIRM

https://support.apple.com/kb/HT210795

CONFIRM

https://support.apple.com/kb/HT210794

FULLDISC

http://seclists.org/fulldisclosure/2019/Dec/23

FULLDISC

http://seclists.org/fulldisclosure/2019/Dec/26

FULLDISC

http://seclists.org/fulldisclosure/2019/Dec/27

FULLDISC

http://seclists.org/fulldisclosure/2019/Dec/30

SUSE

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html

SUSE

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

N/A

https://www.oracle.com/security-alerts/cpuapr2020.html

UBUNTU

https://usn.ubuntu.com/4335-1/

MISC

https://www.oracle.com/security-alerts/cpuoct2020.html

CONFIRM

https://www.tenable.com/security/tns-2021-11

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:libexpat_project:libexpat::::::::`	libexpat	>= None	< 2.2.8

CPE URI

Source package

Min version

Max version

cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

libexpat

>= None

< 2.2.8

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
python2	edge-community	2.7.17-r0	None	fixed
python2	3.12-main	2.7.17-r0	None	fixed
python2	3.11-main	2.7.17-r0	None	fixed
python2	3.10-main	2.7.17-r0	None	fixed
librewolf	edge-community	70.0-r0	None	fixed
librewolf	3.22-community	70.0-r0	None	fixed
librewolf	3.21-community	70.0-r0	None	fixed
firefox-esr	edge-community	68.2.0-r0	None	fixed
firefox-esr	3.22-community	68.2.0-r0	None	fixed
firefox-esr	3.21-community	68.2.0-r0	None	fixed
firefox-esr	3.20-community	68.2.0-r0	None	fixed
firefox-esr	3.19-community	68.2.0-r0	None	fixed
firefox-esr	3.18-community	68.2.0-r0	None	fixed
firefox-esr	3.17-community	68.2.0-r0	None	fixed
firefox	edge-community	70.0-r0	None	fixed
firefox	3.22-community	70.0-r0	None	fixed
firefox	3.21-community	70.0-r0	None	fixed
firefox	3.20-community	70.0-r0	None	fixed
firefox	3.19-community	70.0-r0	None	fixed
firefox	3.18-community	70.0-r0	None	fixed
firefox	3.17-community	70.0-r0	None	fixed
expat	edge-main	2.2.7-r1	None	fixed
expat	3.22-main	2.2.7-r1	None	fixed
expat	3.21-main	2.2.7-r1	None	fixed
expat	3.20-main	2.2.7-r1	None	fixed
expat	3.19-main	2.2.7-r1	None	fixed
expat	3.18-main	2.2.7-r1	None	fixed
expat	3.17-main	2.2.7-r1	None	fixed
expat	3.12-main	2.2.7-r1	None	fixed
expat	3.11-main	2.2.7-r1	None	fixed
expat	3.10-main	2.2.7-r1	None	fixed

Source package

Branch

Version

Maintainer

Status

python2

edge-community

2.7.17-r0

None

fixed

python2

3.12-main