Lucene search
HistoryApr 27, 2009 - 6:00 p.m.
CVE-2009-1440
cve-2009-1440
amule
downloadlistctrl.cpp
argument injection
remote attackers
vulnerability
nvd
6.7 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
87.1%
Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename.
| CPE | Name | Operator | Version |
|---|---|---|---|
| amule:amule | amule | eq | 2.2.4 |
Related
openvas
openvas
Debian Security Advisory DSA 1821-1 (amule)
2009-06-30 00:00:00
Gentoo Security Advisory GLSA 200909-06 (amule)
2009-09-15 00:00:00
Debian: Security Advisory (DSA-1821-1)
2009-06-29 00:00:00
prion
prion
Design/Logic Flaw
2009-04-27 18:00:00
gentoo
gentoo
aMule: Parameter injection
2009-09-09 00:00:00
debian
debian
[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising
2009-06-22 23:46:10
nessus
nessus
GLSA-200909-06 : aMule: Parameter injection
2009-09-10 00:00:00
Debian DSA-1821-1 : amule - insufficient input sanitising
2009-06-23 00:00:00
securityvulns
securityvulns
amule shell characters vulnerability
2009-06-24 00:00:00
[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising
2009-06-24 00:00:00
debiancve
debiancve
CVE-2009-1440
2009-04-27 18:00:00
ubuntucve
ubuntucve
CVE-2009-1440
2009-04-27 00:00:00
6.7 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
87.1%
Related for CVE-2009-1440