Lucene search

[email protected]CVE-2009-4107

HistoryNov 29, 2009 - 1:08 p.m.

CVE-2009-4107

2009-11-2913:08:29

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4107

buffer overflow

invisible browsing

remote code execution

security vulnerability

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON

Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.

Affected configurations

NVD

Node

amplusnetinvisible_browsingMatch5.0.52

CPENameOperatorVersion
amplusnet:invisible_browsingamplusnet invisible browsingeq5.0.52

CPE	Name	Operator	Version
amplusnet:invisible_browsing	amplusnet invisible browsing	eq	5.0.52

References

hjafari.blogspot.com/2009/09/invisible-browsing-5052-ibkey-local.html

www.exploit-db.com/exploits/9655

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2009-4107

nvd1 cvelist1 prion1