Lucene search

[email protected]CVE-2009-1284

HistoryApr 09, 2009 - 4:27 p.m.

CVE-2009-1284

2009-04-0916:27:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1284

buffer overflow

bibtex

denial of service

memory corruption

crash

nvd

6.4 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.2%

JSON

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.

CPENameOperatorVersion
bibtex:bibtexbibtexeq0.99

CPE	Name	Operator	Version
bibtex:bibtex	bibtex	eq	0.99

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920

secunia.com/advisories/34445

security.gentoo.org/glsa/glsa-201206-28.xml

www.openwall.com/lists/oss-security/2009/04/01/8

www.ubuntu.com/usn/USN-937-1

bugzilla.redhat.com/show_bug.cgi?id=492136

www.redhat.com/archives/fedora-package-announce/2009-November/msg00505.html

www.redhat.com/archives/fedora-package-announce/2009-November/msg00507.html

6.4 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.014 Low

EPSS

Percentile

86.2%

JSON

Related for CVE-2009-1284

ubuntucve1 openvas18 fedora3 prion1 nessus5 debiancve1 securityvulns1 gentoo1 ubuntu1