CVE-2009-3720

Public Exploit

Description

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

5.0
CVSS
Severity: Medium
CVSS 2.0 •
EPSS 0.76% Top 30%
Vendor Advisory slackware.com Vendor Advisory mandriva.com Vendor Advisory fedoraproject.org Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory mandriva.com Vendor Advisory ubuntu.com Vendor Advisory opensuse.org Vendor Advisory mandriva.com Vendor Advisory mandriva.com Vendor Advisory opensuse.org Vendor Advisory opensuse.org Vendor Advisory fedoraproject.org Vendor Advisory ubuntu.com Vendor Advisory fedoraproject.org Vendor Advisory redhat.com Vendor Advisory fedoraproject.org Vendor Advisory opensuse.org Vendor Advisory mandriva.com Vendor Advisory mandriva.com Vendor Advisory opensuse.org Vendor Advisory redhat.com Vendor Advisory sun.com Vendor Advisory marc.info Vendor Advisory fedoraproject.org Vendor Advisory mandriva.com Vendor Advisory mandriva.com
Affected: n/a n/a
Published at:
Updated at:

References

Link Tags
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026 mailing list third party advisory vendor advisory
http://svn.python.org/view?view=rev&revision=74429 third party advisory permissions required
http://www.mandriva.com/security/advisories?name=MDVSA-2009:215 vendor advisory broken link
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html third party advisory vendor advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html third party advisory vendor advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html third party advisory vendor advisory
http://secunia.com/advisories/38832 third party advisory broken link
http://www.redhat.com/support/errata/RHSA-2010-0002.html vendor advisory broken link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216 vendor advisory broken link
http://www.ubuntu.com/usn/USN-890-1 third party advisory vendor advisory
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch exploit
http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log third party advisory mailing list
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/10/22/9 mailing list
http://www.mandriva.com/security/advisories?name=MDVSA-2009:220 vendor advisory broken link
http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html third party advisory mailing list
http://secunia.com/advisories/38794 third party advisory broken link
http://lists.vmware.com/pipermail/security-announce/2010/000082.html mailing list broken link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11019 vdb entry signature broken link
http://www.vupen.com/english/advisories/2010/1107 vdb entry broken link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:211 permissions required third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/08/26/4 mailing list
http://secunia.com/advisories/41701 third party advisory broken link
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html vdb entry third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/08/21/2 mailing list
http://secunia.com/advisories/37925 third party advisory broken link
http://secunia.com/advisories/38050 third party advisory broken link
http://www.securitytracker.com/id?1023160 vdb entry third party advisory
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html vdb entry third party advisory vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7112 mailing list signature vdb entry third party advisory
https://bugzilla.redhat.com/show_bug.cgi?id=531697 issue tracking
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/10/23/2 mailing list
http://www.ubuntu.com/usn/USN-890-6 third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/10/26/3 mailing list
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html mailing list third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/08/26/3 mailing list
http://secunia.com/advisories/42338 third party advisory broken link
https://bugs.gentoo.org/show_bug.cgi?id=280615 third party advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html third party advisory vendor advisory
http://secunia.com/advisories/38231 third party advisory broken link
http://www.vupen.com/english/advisories/2010/3053 vdb entry broken link
http://www.openwall.com/lists/oss-security/2009/10/28/3 mailing list
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html third party advisory vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html vdb entry third party advisory vendor advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:212 vendor advisory broken link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:218 vendor advisory broken link
http://secunia.com/advisories/38834 third party advisory broken link
http://www.vupen.com/english/advisories/2010/3061 vdb entry broken link
http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127 third party advisory mailing list
http://secunia.com/advisories/39478 third party advisory broken link
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html vdb entry third party advisory vendor advisory
http://secunia.com/advisories/37537 third party advisory broken link
http://www.openwall.com/lists/oss-security/2009/10/22/5 mailing list
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12719 vdb entry signature broken link
http://secunia.com/advisories/43300 third party advisory broken link
http://www.redhat.com/support/errata/RHSA-2011-0896.html vendor advisory broken link
http://www.vupen.com/english/advisories/2010/0896 vdb entry broken link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1 vendor advisory broken link
http://marc.info/?l=bugtraq&m=130168502603566&w=2 mailing list third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/08/27/6 mailing list
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html third party advisory vendor advisory
http://www.openwall.com/lists/oss-security/2009/09/06/1 mailing list
http://www.openwall.com/lists/oss-security/2009/10/23/6 mailing list
http://www.vupen.com/english/advisories/2011/0359 vdb entry broken link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:219 vendor advisory broken link
http://www.vupen.com/english/advisories/2010/3035 vdb entry broken link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:217 vendor advisory broken link
http://secunia.com/advisories/37324 third party advisory broken link
http://secunia.com/advisories/42326 third party advisory broken link
http://www.vupen.com/english/advisories/2010/0528 vdb entry broken link
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E third party advisory mailing list

Frequently Asked Questions

What is the severity of CVE-2009-3720?
CVE-2009-3720 has been scored as a medium severity vulnerability.
How to fix CVE-2009-3720?
To fix CVE-2009-3720, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2009-3720 being actively exploited in the wild?
It is possible that CVE-2009-3720 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.