XML Parser Hash Collision Denial of Service Vulnerability
CVE-2012-0876 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
Learn more about our Web Application Penetration Testing UK.