The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-10-08T01:00:00
Updated: 2024-08-07T10:17:09.701Z
Reserved: 2008-10-07T00:00:00
Link: CVE-2008-4482
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-10-08T02:00:01.267
Modified: 2024-11-21T00:51:47.153
Link: CVE-2008-4482
Redhat
No data.