Unrated severityNVD Advisory· Published Oct 8, 2008· Updated Jun 16, 2026
CVE-2008-4482
CVE-2008-4482
Description
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19cpe:2.3:a:apache:xerces-c\+\+:*:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:apache:xerces-c\+\+:*:*:*:*:*:*:*:*range: <=2.8.0
- cpe:2.3:a:apache:xerces-c\+\+:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:xerces-c\+\+:2.7.0:*:*:*:*:*:*:*
- (no CPE)range: <3.0.0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.