Lucene search

[email protected]CVE-2009-0546

HistoryFeb 12, 2009 - 11:30 p.m.

CVE-2009-0546

2009-02-1223:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0546

buffer overflow

newsgator feeddemon

nvd

security vulnerability

remote code execution

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.893 High

EPSS

Percentile

98.7%

JSON

Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file.

CPENameOperatorVersion
newsgator:feeddemonnewsgator feeddemoneq2.6.1.5
newsgator:feeddemonnewsgator feeddemoneq2.6.1.4
newsgator:feeddemonnewsgator feeddemonle2.7
newsgator:feeddemonnewsgator feeddemoneq2.6
newsgator:feeddemonnewsgator feeddemoneq2.0.0.24

CPE	Name	Operator	Version
newsgator:feeddemon	newsgator feeddemon	eq	2.6.1.5
newsgator:feeddemon	newsgator feeddemon	eq	2.6.1.4
newsgator:feeddemon	newsgator feeddemon	le	2.7
newsgator:feeddemon	newsgator feeddemon	eq	2.6
newsgator:feeddemon	newsgator feeddemon	eq	2.0.0.24

References

osvdb.org/51753

secunia.com/advisories/33718

security.bkis.vn/?p=329

www.securityfocus.com/archive/1/500686/100/0/threaded

www.securityfocus.com/bid/33630

www.exploit-db.com/exploits/7995

www.exploit-db.com/exploits/8010

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.893 High

EPSS

Percentile

98.7%

JSON

Related for CVE-2009-0546

cvelist1 packetstorm1 checkpoint_advisories1 prion1