Lucene search
HistoryJul 05, 2009 - 4:30 p.m.
CVE-2009-2294
cve-2009-2294
integer overflow
dillo
remote attack
denial of service
arbitrary code execution
png image
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.047 Low
EPSS
Percentile
92.7%
Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.
Affected configurations
Node
dillodilloRangeβ€2.1
ORdillodilloMatch0.0.0
ORdillodilloMatch0.0.1
ORdillodilloMatch0.0.2
ORdillodilloMatch0.0.3
ORdillodilloMatch0.0.4
ORdillodilloMatch0.0.5
ORdillodilloMatch0.0.6
ORdillodilloMatch0.0.42
ORdillodilloMatch0.0.43
ORdillodilloMatch0.1.0
ORdillodilloMatch0.2
ORdillodilloMatch0.2.1
ORdillodilloMatch0.2.2
ORdillodilloMatch0.2.3
ORdillodilloMatch0.2.4
ORdillodilloMatch0.3
ORdillodilloMatch0.3.1
ORdillodilloMatch0.3.2
ORdillodilloMatch0.4
ORdillodilloMatch0.5.0
ORdillodilloMatch0.5.1
ORdillodilloMatch0.6
ORdillodilloMatch0.6.1
ORdillodilloMatch0.6.2
ORdillodilloMatch0.6.3
ORdillodilloMatch0.6.4
ORdillodilloMatch0.6.5
ORdillodilloMatch0.6.6
ORdillodilloMatch0.7
ORdillodilloMatch0.7.1
ORdillodilloMatch0.7.1.2
ORdillodilloMatch0.7.2
ORdillodilloMatch0.7.3
ORdillodilloMatch0.8
ORdillodilloMatch0.8.1
ORdillodilloMatch0.8.2
ORdillodilloMatch0.8.3
ORdillodilloMatch0.8.4
ORdillodilloMatch0.8.5pre-dw-design1
ORdillodilloMatch0.8.5pre-dw-design2
ORdillodilloMatch0.8.5pre-dw-design3
ORdillodilloMatch0.8.6
Related
ubuntucve
ubuntucve
CVE-2009-2294
2009-07-05 00:00:00
debiancve
debiancve
CVE-2009-2294
2009-07-05 16:30:00
securityvulns
securityvulns
Dillo browser integer overflow
2009-07-06 00:00:00
[oCERT-2009-008] Dillo integer overflow
2009-07-06 00:00:00
nessus
nessus
GLSA-200908-10 : Dillo: User-assisted execution of arbitrary code
2009-08-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200908-10 (dillo)
2009-09-02 00:00:00
Gentoo Security Advisory GLSA 200908-10 (dillo)
2009-09-02 00:00:00
seebug
seebug
Dillo Png_datainfo_callback()ε½ζ°ζ΄ζ°ζΊ’εΊζΌζ΄
2009-07-07 00:00:00
prion
prion
Integer overflow
2009-07-05 16:30:00
nvd
nvd
CVE-2009-2294
2009-07-05 16:30:00
gentoo
gentoo
Dillo: User-assisted execution of arbitrary code
2009-08-18 00:00:00
cvelist
cvelist
CVE-2009-2294
2009-07-05 16:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.047 Low
EPSS
Percentile
92.7%
Related for CVE-2009-2294