Wind River Support Network

Home CVE Database CVE-2017-9233

CVE-2017-9233

Description

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

Priority: MEDIUM

CVSS v3: 7.5

Publish Date: Jul 25, 2017

Related ID: --

CVSS v2: High

Modified Date: Jul 25, 2017

Find out more about CVE-2017-9233 from the MITRE-CVE dictionary and NIST NVD

Products Affected

Product Name	Status	Defect	Fixed	Downloads
Linux
Wind River Linux LTS 17	Not Vulnerable	--	--	--
Wind River Linux 9	Fixed	LIN9-4717	9.0.0.9	Wind River Linux 9.0.0.9 Wind River Linux 9.0.0.10 Wind River Linux 9.0.0.11 Wind River Linux 9.0.0.12 Wind River Linux 9.0.0.13 Wind River Linux 9.0.0.14 Wind River Linux 9.0.0.15 Wind River Linux 9.0.0.16 Wind River Linux 9.0.0.17 Wind River Linux 9.0.0.18 Wind River Linux 9.0.0.19 Wind River Linux 9.0.0.20 Wind River Linux 9.0.0.21 Wind River Linux 9.0.0.22 Wind River Linux 9.0.0.23 Wind River Linux 9.0.0.24 Wind River Linux 9.0.0.25
Wind River Linux 8	Fixed	LIN8-7145	8.0.0.20	Wind River Linux 8.0.0.20 Wind River Linux 8.0.0.21 Wind River Linux 8.0.0.22 Wind River Linux 8.0.0.23 Wind River Linux 8.0.0.24 Wind River Linux 8.0.0.25 Wind River Linux 8.0.0.26 Wind River Linux 8.0.0.27 Wind River Linux 8.0.0.28 Wind River Linux 8.0.0.29 Wind River Linux 8.0.0.30 Wind River Linux 8.0.0.31 Wind River Linux 8.0.0.32 Wind River Linux 8.0.0.33
Wind River Linux LTS 18	Not Vulnerable	--	--	--
Wind River Linux LTS 19	Not Vulnerable	--	--	--
Wind River Linux CD release	Not Vulnerable	--	--	--
VxWorks
VxWorks 7	Fixed	--	xml-2.2.4.0	--
VxWorks 6.9	Vulnerable	--	--	--

Related Products

Product Name	Status	Defect	Fixed	Downloads
Linux 7 SCP	Not Vulnerable	--	--	--
Linux 7 CGP	Not Vulnerable	--	--	--

Comments

expat