Lucene search

K
cveRedhatCVE-2009-2411
HistoryAug 07, 2009 - 7:30 p.m.

CVE-2009-2411

2009-08-0719:30:00
CWE-189
redhat
web.nvd.nist.gov
64
cve-2009-2411
libsvn_delta
subversion
integer overflow
code execution
svndiff
heap-based buffer overflow

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.148

Percentile

95.9%

Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

Affected configurations

Nvd
Node
subversionsubversionRange1.5.6
OR
subversionsubversionMatch0.22.1
OR
subversionsubversionMatch0.23.0
OR
subversionsubversionMatch0.24.0
OR
subversionsubversionMatch0.24.1
OR
subversionsubversionMatch0.24.2
OR
subversionsubversionMatch0.25.0
OR
subversionsubversionMatch0.27.0
OR
subversionsubversionMatch0.28.0
OR
subversionsubversionMatch0.28.1
OR
subversionsubversionMatch0.28.2
OR
subversionsubversionMatch0.29.0
OR
subversionsubversionMatch0.30.0
OR
subversionsubversionMatch0.31.0
OR
subversionsubversionMatch0.32.0
OR
subversionsubversionMatch0.32.1
OR
subversionsubversionMatch0.33.0
OR
subversionsubversionMatch0.33.1
OR
subversionsubversionMatch0.34.0
OR
subversionsubversionMatch0.35.0
OR
subversionsubversionMatch0.35.1
OR
subversionsubversionMatch0.36.0
OR
subversionsubversionMatch0.37.0
OR
subversionsubversionMatch1.0
OR
subversionsubversionMatch1.0.0
OR
subversionsubversionMatch1.0.1
OR
subversionsubversionMatch1.0.2
OR
subversionsubversionMatch1.0.3
OR
subversionsubversionMatch1.0.4
OR
subversionsubversionMatch1.0.5
OR
subversionsubversionMatch1.0.6
OR
subversionsubversionMatch1.0.7
OR
subversionsubversionMatch1.0.8
OR
subversionsubversionMatch1.0.9
OR
subversionsubversionMatch1.1.0
OR
subversionsubversionMatch1.1.0_rc1
OR
subversionsubversionMatch1.1.0_rc2
OR
subversionsubversionMatch1.1.0_rc3
OR
subversionsubversionMatch1.1.1
OR
subversionsubversionMatch1.1.2
OR
subversionsubversionMatch1.1.3
OR
subversionsubversionMatch1.1.4
OR
subversionsubversionMatch1.2.0
OR
subversionsubversionMatch1.2.1
OR
subversionsubversionMatch1.2.2
OR
subversionsubversionMatch1.2.3
OR
subversionsubversionMatch1.3.0
OR
subversionsubversionMatch1.3.1
OR
subversionsubversionMatch1.3.2
OR
subversionsubversionMatch1.4.0
OR
subversionsubversionMatch1.4.1
OR
subversionsubversionMatch1.4.2
OR
subversionsubversionMatch1.4.3
OR
subversionsubversionMatch1.4.4
OR
subversionsubversionMatch1.4.5
OR
subversionsubversionMatch1.5.0
OR
subversionsubversionMatch1.5.1
OR
subversionsubversionMatch1.5.3
OR
subversionsubversionMatch1.5.4
OR
subversionsubversionMatch1.5.5
OR
subversionsubversionMatch1.6.0
OR
subversionsubversionMatch1.6.1
OR
subversionsubversionMatch1.6.2
OR
subversionsubversionMatch1.6.3
VendorProductVersionCPE
subversionsubversion*cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*
subversionsubversion0.22.1cpe:2.3:a:subversion:subversion:0.22.1:*:*:*:*:*:*:*
subversionsubversion0.23.0cpe:2.3:a:subversion:subversion:0.23.0:*:*:*:*:*:*:*
subversionsubversion0.24.0cpe:2.3:a:subversion:subversion:0.24.0:*:*:*:*:*:*:*
subversionsubversion0.24.1cpe:2.3:a:subversion:subversion:0.24.1:*:*:*:*:*:*:*
subversionsubversion0.24.2cpe:2.3:a:subversion:subversion:0.24.2:*:*:*:*:*:*:*
subversionsubversion0.25.0cpe:2.3:a:subversion:subversion:0.25.0:*:*:*:*:*:*:*
subversionsubversion0.27.0cpe:2.3:a:subversion:subversion:0.27.0:*:*:*:*:*:*:*
subversionsubversion0.28.0cpe:2.3:a:subversion:subversion:0.28.0:*:*:*:*:*:*:*
subversionsubversion0.28.1cpe:2.3:a:subversion:subversion:0.28.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 641

References

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.148

Percentile

95.9%