Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-508-1 | expat security update |
![]() |
DSA-3597-1 | expat security update |
![]() |
EUVD-2012-6544 | Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. |
![]() |
USN-3010-1 | Expat vulnerabilities |
![]() |
USN-3013-1 | XML-RPC for C and C++ vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Sat, 12 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: microfocus
Published:
Updated: 2024-08-06T21:36:02.049Z
Reserved: 2016-06-03T00:00:00
Link: CVE-2012-6702

No data.

Status : Deferred
Published: 2016-06-16T18:59:00.327
Modified: 2025-04-12T10:46:40.837
Link: CVE-2012-6702


No data.