CVE-2012-1147

Description

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

How to fix CVE-2012-1147

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• Debian/libxmltok—no fix listed

Is CVE-2012-1147 being exploited?

Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2012-1147