Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-2921

Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.

Related bugs and status

CVE-2012-2921 (Candidate) is related to these bugs:

Bug #1056820: feedparser ftbfs in quantal, test suite failures

		In	Importance	Status
1056820	feedparser ftbfs in quantal, test suite failures	feedparser (Ubuntu)	High	Fix Released
1056820	feedparser ftbfs in quantal, test suite failures	feedparser (Ubuntu Quantal)	High	Fix Released
1056820	feedparser ftbfs in quantal, test suite failures	libxml2 (Ubuntu Quantal)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://freecode.com/pr...
OSVDB: 81701
BID: 53654
SECUNIA: 49256
CONFIRM: https://wiki.mageia.or...
MANDRIVA: MDVSA-2013:118
CONFIRM: https://code.google.co...
CONFIRM: https://code.google.co...