GLSA 200903-19: Xerces-C++: Denial of Service

Severity:normal
Title:Xerces-C++: Denial of Service
Date:03/09/2009
Bugs: #240496
ID:200903-19

Synopsis

An error in Xerces-C++ allows for a Denial of Service via malicious XML schema files.

Background

Xerces-C++ is a validating XML parser written in a portable subset of C++.

Affected packages

Package Vulnerable Unaffected Architecture(s)
dev-libs/xerces-c < 3.0.0-r1 >= 3.0.0-r1 All supported architectures

Description

Frank Rast reported that the XML parser in Xerces-C++ does not correctly handle an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during the validation of an XML file.

Impact

A remote attacker could entice a user or automated system to validate an XML file using a specially crafted XML schema file, leading to a Denial of Service (stack consumption and crash).

Workaround

There is no known workaround at this time.

Resolution

All Xerces-C++ users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/xerces-c-3.0.0-r1"

References

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200903-19.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

Thank you!