Lucene search
HistoryJul 07, 2009 - 11:30 p.m.
CVE-2009-2356
cve-2009-2356
buffer overflow
nulllogic groupware
postgresql
remote code execution
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.3 High
AI Score
Confidence
Low
0.026 Low
EPSS
Percentile
90.4%
Multiple stack-based buffer overflows in the pgsqlQuery function in NullLogic Groupware 1.2.7, when PostgreSQL is used, might allow remote attackers to execute arbitrary code via input to the (1) POP3, (2) SMTP, or (3) web component that triggers a long SQL query.
Affected configurations
Node
dan_cahillnulllogic_groupwareMatch1.2.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| dan_cahill:nulllogic_groupware | dan cahill nulllogic groupware | eq | 1.2.7 |
Related
prion
prion
Stack overflow
2009-07-07 23:30:00
cvelist
cvelist
CVE-2009-2356
2009-07-07 23:00:00
nvd
nvd
CVE-2009-2356
2009-07-07 23:30:00
openvas
openvas
NullLogic Groupware <= 1.2.7 Multiple Vulnerabilities - Linux
2009-07-18 00:00:00
NullLogic Groupware Multiple Vulnerabilities
2009-07-18 00:00:00
NullLogic Groupware <= 1.2.7 Multiple Vulnerabilities
2009-07-18 00:00:00
seebug
seebug
NullLogic Groupware多个远程安全漏洞
2009-07-10 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.3 High
AI Score
Confidence
Low
0.026 Low
EPSS
Percentile
90.4%
Related for CVE-2009-2356