CVE-2012-0841

Priority
Medium
Description
libxml2 before 2.8.0 computes hash values without restricting the ability
to trigger hash collisions predictably, which allows context-dependent
attackers to cause a denial of service (CPU consumption) via crafted XML
data.
References
Bugs
Assigned-to
jdstrand
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):released (2.7.8.dfsg-5.1ubuntu4)
Patches:
Patch:http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a
Vendor:http://www.debian.org/security/2012/dsa-2417
Vendor:https://rhn.redhat.com/errata/RHSA-2012-0324.html
More Information

Updated: 2016-03-23 03:39:18 UTC (commit 10817)