Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1156

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1156
Last Modified 23 Aug 2011 11:16:35
Published 11 Apr 2011 02:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1156

Summary

feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration.

Vulnerable Systems

Application

  • Mark Pilgrim Feedparser 3.0

  • Mark Pilgrim Feedparser 3.0.1

  • Mark Pilgrim Feedparser 3.1

  • Mark Pilgrim Feedparser 3.2

  • Mark Pilgrim Feedparser 3.3

  • Mark Pilgrim Feedparser 4.0

  • Mark Pilgrim Feedparser 4.0.1

  • Mark Pilgrim Feedparser 4.0.2

  • Mark Pilgrim Feedparser 4.1

  • Mark Pilgrim Feedparser 5.0


References

CONFIRM - https://code.google.com/p/feedparser/issues/detail?id=91

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=680074

MLIST - [oss-security] 20110315 Re: CVE request for python-feedparser

MLIST - [oss-security] 20110314 CVE request for python-feedparser

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=684877

BID - 46867

MANDRIVA - MDVSA-2011:082

CONFIRM - http://support.novell.com/security/cve/CVE-2011-1156.html

SECUNIA - 44074

SECUNIA - 43730

MLIST - [opensuse-updates] 20110408 openSUSE-SU-2011:0314-1 (moderate): python-feedparser security update


Last Updated: 27 May 2016 10:56:12