The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-06T18:38:15.063Z

Reserved: 2012-01-19T00:00:00

Link: CVE-2012-0876

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2012-07-03T19:55:02.210

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-0876

cve-icon Redhat

Severity : Moderate

Publid Date: 2012-03-03T00:00:00Z

Links: CVE-2012-0876 - Bugzilla

cve-icon OpenCVE Enrichment

No data.