PT-2012-1121 · Expat+3

Kurt Seifried · Published 2012-07-03 · Updated 2024-06-15 · CVE-2012-1147

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

expat versions prior to 2.1.0

Description

The issue concerns multiple vulnerabilities in the expat package that can lead to a loss of availability. These vulnerabilities can be exploited remotely. Specifically, in versions before 2.1.0, context-dependent attackers can cause a denial of service by consuming file descriptors via a large number of crafted XML files; the affected code is in readfilemap.c.

Recommendations

For expat versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue. As a temporary workaround, consider restricting the processing of XML files from untrusted sources to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

RCE


Weakness Enumeration

Related Identifiers

AZL-45093
BDU:2015-09649
CVE-2012-1147
OPENSUSE-SU-2024:10077-1

Affected Products

Debian
SUSE
Expat
iTunes