No subject


Thu Aug 20 06:46:28 UTC 2009


A Big5-encoded document can trigger a bad conversion to UTF-8, which in
turn can trigger this bug, due to the malformed UTF-8.

> CVE-2009-3720[1]:
> | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat
> | 2.0.1, as used in Python, PyXML, w3c-libwww, and other software,
> | allows context-dependent attackers to cause a denial of service
> | (application crash) via an XML document with crafted UTF-8 sequences
> | that trigger a buffer over-read, a different vulnerability than
> | CVE-2009-2625.

This one is about a buffer overrun from malformed UTF-8 at the end of
the buffer.

AFAIK, none of these bugs should be affecting the Mozilla code base, as
it is doing its own UTF-8 conversions and sanitizes it well before it
comes to expat.

Mike
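
An added illustration of the bug class discussed in the message above (not Expat's code and not part of the original mail): a line/column scanner that checks the length each UTF-8 lead byte claims against the bytes remaining, so a sequence truncated at the end of the buffer is reported instead of read past. The names `scan_position`, `claimed_len` and `struct pos` are hypothetical.

```c
#include <stddef.h>

/* Hypothetical names; illustrates the bug class only, not Expat's code. */
struct pos { unsigned long line, col; };

/* Length a UTF-8 lead byte claims, or 0 if it cannot start a sequence.
 * Structural check only: overlong and surrogate forms are not rejected. */
static size_t claimed_len(unsigned char b)
{
    if (b < 0x80) return 1;
    if (b >= 0xC2 && b <= 0xDF) return 2;
    if (b >= 0xE0 && b <= 0xEF) return 3;
    if (b >= 0xF0 && b <= 0xF4) return 4;
    return 0; /* stray continuation byte or invalid lead byte */
}

/* Advance line/column over buf[0..len). Returns 0 on success, -1 if a
 * sequence is malformed or truncated. *consumed is the offset where
 * scanning stopped; no byte at or beyond buf+len is ever read. */
int scan_position(const unsigned char *buf, size_t len,
                  struct pos *p, size_t *consumed)
{
    size_t i = 0;
    while (i < len) {
        size_t n = claimed_len(buf[i]);
        if (n == 0 || n > len - i) { /* claims more bytes than remain */
            *consumed = i;
            return -1;
        }
        for (size_t k = 1; k < n; k++) {
            if ((buf[i + k] & 0xC0) != 0x80) { /* not a continuation byte */
                *consumed = i;
                return -1;
            }
        }
        if (buf[i] == '\n') { p->line++; p->col = 0; }
        else p->col++;
        i += n; /* safe: n <= len - i was checked above */
    }
    *consumed = i;
    return 0;
}
```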





More information about the pkg-mozilla-maintainers mailing list