CVE-2019-15903

HIGH

libexpat <2.2.8 - Buffer Overflow

Title source: llm

Description

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

References (59)

[Third Party Advisory] https://support.apple.com/kb/HT210790

[Third Party Advisory] https://support.apple.com/kb/HT210793

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2019/Dec/23

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2019/Dec/26

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2019/Dec/27

... and 39 more

Scores

CVSS v3 7.5

EPSS 0.0017

EPSS Percentile 38.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-776 CWE-125

Status published

Affected Products (2)

libexpat_project/libexpat < 2.2.8

python/python < 2.7.17

Timeline

Published Sep 04, 2019

Tracked Since Feb 18, 2026