CVE-2009-2416

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html Release Notes
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html Mailing List
http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html Mailing List
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html Mailing List
http://secunia.com/advisories/35036 Broken Link
http://secunia.com/advisories/36207 Broken Link
http://secunia.com/advisories/36338 Broken Link
http://secunia.com/advisories/36417 Broken Link
http://secunia.com/advisories/36631 Broken Link
http://secunia.com/advisories/37346 Broken Link
http://secunia.com/advisories/37471 Broken Link
http://support.apple.com/kb/HT3937 Third Party Advisory
http://support.apple.com/kb/HT3949 Third Party Advisory
http://support.apple.com/kb/HT4225 Third Party Advisory
http://www.cert.fi/en/reports/2009/vulnerability2009085.html Broken Link
http://www.codenomicon.com/labs/xml/ Broken Link
http://www.debian.org/security/2009/dsa-1859 Mailing List Patch
http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html Patch
http://www.networkworld.com/columnists/2009/080509-xml-flaw.html Broken Link
http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html Third Party Advisory
http://www.securityfocus.com/archive/1/507985/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/36010 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-815-1 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/2420 Broken Link
http://www.vupen.com/english/advisories/2009/3184 Broken Link
http://www.vupen.com/english/advisories/2009/3217 Broken Link
http://www.vupen.com/english/advisories/2009/3316 Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=515205 Issue Tracking Patch
https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 Broken Link
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html Mailing List
http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html Release Notes
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html Mailing List
http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html Mailing List
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html Mailing List
http://secunia.com/advisories/35036 Broken Link
http://secunia.com/advisories/36207 Broken Link
http://secunia.com/advisories/36338 Broken Link
http://secunia.com/advisories/36417 Broken Link
http://secunia.com/advisories/36631 Broken Link
http://secunia.com/advisories/37346 Broken Link
http://secunia.com/advisories/37471 Broken Link
http://support.apple.com/kb/HT3937 Third Party Advisory
http://support.apple.com/kb/HT3949 Third Party Advisory
http://support.apple.com/kb/HT4225 Third Party Advisory
http://www.cert.fi/en/reports/2009/vulnerability2009085.html Broken Link
http://www.codenomicon.com/labs/xml/ Broken Link
http://www.debian.org/security/2009/dsa-1859 Mailing List Patch
http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html Patch
http://www.networkworld.com/columnists/2009/080509-xml-flaw.html Broken Link
http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html Third Party Advisory
http://www.securityfocus.com/archive/1/507985/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/36010 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-815-1 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/2420 Broken Link
http://www.vupen.com/english/advisories/2009/3184 Broken Link
http://www.vupen.com/english/advisories/2009/3217 Broken Link
http://www.vupen.com/english/advisories/2009/3316 Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=515205 Issue Tracking Patch
https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 Broken Link
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html Mailing List
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

Configuration 8 (hide)

OR cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

Configuration 9 (hide)

OR cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*

Configuration 10 (hide)

OR cpe:2.3:a:sun:openoffice.org:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:openoffice.org:*:*:*:*:*:*:*:*
History

21 Nov 2024, 01:04

Type Values Removed Values Added
References () http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html - Release Notes () http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html - Release Notes
References () http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - Mailing List () http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - Mailing List
References () http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html - Mailing List () http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html - Mailing List
References () http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - Mailing List () http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - Mailing List
References () http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html - Mailing List () http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html - Mailing List
References () http://secunia.com/advisories/35036 - Broken Link () http://secunia.com/advisories/35036 - Broken Link
References () http://secunia.com/advisories/36207 - Broken Link () http://secunia.com/advisories/36207 - Broken Link
References () http://secunia.com/advisories/36338 - Broken Link () http://secunia.com/advisories/36338 - Broken Link
References () http://secunia.com/advisories/36417 - Broken Link () http://secunia.com/advisories/36417 - Broken Link
References () http://secunia.com/advisories/36631 - Broken Link () http://secunia.com/advisories/36631 - Broken Link
References () http://secunia.com/advisories/37346 - Broken Link () http://secunia.com/advisories/37346 - Broken Link
References () http://secunia.com/advisories/37471 - Broken Link () http://secunia.com/advisories/37471 - Broken Link
References () http://support.apple.com/kb/HT3937 - Third Party Advisory () http://support.apple.com/kb/HT3937 - Third Party Advisory
References () http://support.apple.com/kb/HT3949 - Third Party Advisory () http://support.apple.com/kb/HT3949 - Third Party Advisory
References () http://support.apple.com/kb/HT4225 - Third Party Advisory () http://support.apple.com/kb/HT4225 - Third Party Advisory
References () http://www.cert.fi/en/reports/2009/vulnerability2009085.html - Broken Link () http://www.cert.fi/en/reports/2009/vulnerability2009085.html - Broken Link
References () http://www.codenomicon.com/labs/xml/ - Broken Link () http://www.codenomicon.com/labs/xml/ - Broken Link
References () http://www.debian.org/security/2009/dsa-1859 - Mailing List, Patch () http://www.debian.org/security/2009/dsa-1859 - Mailing List, Patch
References () http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html - Patch () http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html - Patch
References () http://www.networkworld.com/columnists/2009/080509-xml-flaw.html - Broken Link () http://www.networkworld.com/columnists/2009/080509-xml-flaw.html - Broken Link
References () http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html - Third Party Advisory () http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html - Third Party Advisory
References () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/36010 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/36010 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/USN-815-1 - Third Party Advisory () http://www.ubuntu.com/usn/USN-815-1 - Third Party Advisory
References () http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory () http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory
References () http://www.vupen.com/english/advisories/2009/2420 - Broken Link () http://www.vupen.com/english/advisories/2009/2420 - Broken Link
References () http://www.vupen.com/english/advisories/2009/3184 - Broken Link () http://www.vupen.com/english/advisories/2009/3184 - Broken Link
References () http://www.vupen.com/english/advisories/2009/3217 - Broken Link () http://www.vupen.com/english/advisories/2009/3217 - Broken Link
References () http://www.vupen.com/english/advisories/2009/3316 - Broken Link () http://www.vupen.com/english/advisories/2009/3316 - Broken Link
References () https://bugzilla.redhat.com/show_bug.cgi?id=515205 - Issue Tracking, Patch () https://bugzilla.redhat.com/show_bug.cgi?id=515205 - Issue Tracking, Patch
References () https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 - Patch () https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 - Patch
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 - Broken Link
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 - Broken Link
References () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html - Mailing List () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html - Mailing List
References () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html - Mailing List () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html - Mailing List
References () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html - Mailing List () https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html - Mailing List

02 Feb 2024, 16:04

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
cpe:2.3:a:sun:openoffice.org:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*
CWE CWE-399 CWE-416
CVSS v2 : 4.3
v3 : unknown 		v2 : 4.3
v3 : 6.5
First Time Redhat
Redhat enterprise Linux
Debian debian Linux
Suse
Suse linux Enterprise Server
Sun
Debian
Apple
Vmware
Google
Apple safari
Fedoraproject
Fedoraproject fedora
Sun openoffice.org
Apple iphone Os
Vmware vma
Opensuse opensuse
Vmware vcenter Server
Canonical ubuntu Linux
Google chrome
Suse linux Enterprise
Canonical
Apple mac Os X Server
Apple mac Os X
Vmware esxi
Vmware esx
Opensuse
References (CONFIRM) http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html - (CONFIRM) http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html - Release Notes
References (DEBIAN) http://www.debian.org/security/2009/dsa-1859 - Patch (DEBIAN) http://www.debian.org/security/2009/dsa-1859 - Mailing List, Patch
References (SECUNIA) http://secunia.com/advisories/37471 - (SECUNIA) http://secunia.com/advisories/37471 - Broken Link
References (UBUNTU) http://www.ubuntu.com/usn/USN-815-1 - (UBUNTU) http://www.ubuntu.com/usn/USN-815-1 - Third Party Advisory
References (VUPEN) http://www.vupen.com/english/advisories/2009/3316 - (VUPEN) http://www.vupen.com/english/advisories/2009/3316 - Broken Link
References (MISC) http://www.cert.fi/en/reports/2009/vulnerability2009085.html - (MISC) http://www.cert.fi/en/reports/2009/vulnerability2009085.html - Broken Link
References (SECUNIA) http://secunia.com/advisories/36207 - (SECUNIA) http://secunia.com/advisories/36207 - Broken Link
References (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html - (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html - Mailing List
References (SECUNIA) http://secunia.com/advisories/36631 - (SECUNIA) http://secunia.com/advisories/36631 - Broken Link
References (CONFIRM) http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html - (CONFIRM) http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html - Third Party Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262 - Broken Link
References (BUGTRAQ) http://www.securityfocus.com/archive/1/507985/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) http://support.apple.com/kb/HT3937 - (CONFIRM) http://support.apple.com/kb/HT3937 - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html - Mailing List
References (CONFIRM) http://support.apple.com/kb/HT4225 - (CONFIRM) http://support.apple.com/kb/HT4225 - Third Party Advisory
References (CONFIRM) https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 - (CONFIRM) https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 - Patch
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 - Broken Link
References (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=515205 - (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=515205 - Issue Tracking, Patch
References (APPLE) http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - (APPLE) http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - Mailing List
References (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2009-0016.html - (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/36338 - (SECUNIA) http://secunia.com/advisories/36338 - Broken Link
References (SECUNIA) http://secunia.com/advisories/35036 - (SECUNIA) http://secunia.com/advisories/35036 - Broken Link
References (SECUNIA) http://secunia.com/advisories/36417 - (SECUNIA) http://secunia.com/advisories/36417 - Broken Link
References (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - (APPLE) http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html - Mailing List
References (SECUNIA) http://secunia.com/advisories/37346 - (SECUNIA) http://secunia.com/advisories/37346 - Broken Link
References (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html - (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html - Mailing List
References (MISC) http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html - (MISC) http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html - Patch
References (BID) http://www.securityfocus.com/bid/36010 - (BID) http://www.securityfocus.com/bid/36010 - Broken Link, Third Party Advisory, VDB Entry
References (MISC) http://www.codenomicon.com/labs/xml/ - (MISC) http://www.codenomicon.com/labs/xml/ - Broken Link
References (VUPEN) http://www.vupen.com/english/advisories/2009/3184 - (VUPEN) http://www.vupen.com/english/advisories/2009/3184 - Broken Link
References (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html - (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html - Mailing List
References (VUPEN) http://www.vupen.com/english/advisories/2009/2420 - (VUPEN) http://www.vupen.com/english/advisories/2009/2420 - Broken Link
References (CONFIRM) http://support.apple.com/kb/HT3949 - (CONFIRM) http://support.apple.com/kb/HT3949 - Third Party Advisory
References (VUPEN) http://www.vupen.com/english/advisories/2009/3217 - (VUPEN) http://www.vupen.com/english/advisories/2009/3217 - Broken Link
References (MISC) http://www.networkworld.com/columnists/2009/080509-xml-flaw.html - (MISC) http://www.networkworld.com/columnists/2009/080509-xml-flaw.html - Broken Link
References (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html - (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html - Mailing List
Information

Published : 2009-08-11 18:30

Updated : 2025-04-09 00:30

NVD link : CVE-2009-2416

Mitre link : CVE-2009-2416

CVE.ORG link : CVE-2009-2416

JSON object : View

Products Affected

debian

  • debian_linux

apple

  • safari
  • iphone_os
  • mac_os_x
  • mac_os_x_server

canonical

  • ubuntu_linux

vmware

  • vcenter_server
  • esx
  • vma
  • esxi

sun

  • openoffice.org

fedoraproject

  • fedora

xmlsoft

  • libxml
  • libxml2

google

  • chrome

suse

  • linux_enterprise_server
  • linux_enterprise

opensuse

  • opensuse

redhat

  • enterprise_linux
CWE
CWE-416

Use After Free