Lucene search

MitreCVE-2009-4225

HistoryDec 08, 2009 - 6:30 p.m.

CVE-2009-4225

2009-12-0818:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-4225

nvd

security

buffer overflow

pestpatrol

ca etrust

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.933

Percentile

99.1%

JSON

Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.

Affected configurations

Nvd

Node

caetrust_pestpatrole_ppctl.dll_activexMatch5.6.7.9

VendorProductVersionCPE
caetrust_pestpatrole_ppctl.dll_activex5.6.7.9cpe:2.3:a:ca:etrust_pestpatrole_ppctl.dll_activex:5.6.7.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ca	etrust_pestpatrole_ppctl.dll_activex	5.6.7.9	cpe:2.3:a:ca:etrust_pestpatrole_ppctl.dll_activex:5.6.7.9:::::::*

References

www.fortiguard.com/encyclopedia/vulnerability/ca.etrust.pestpatrol.ppctl.dll.activex.access.html

www.metasploit.com/redmine/projects/framework/repository/revisions/7167/entry/modules/exploits/windows/fileformat/etrust_pestscan.rb

www.securityfocus.com/bid/37133

exchange.xforce.ibmcloud.com/vulnerabilities/54458

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.933

Percentile

99.1%

JSON

Related for CVE-2009-4225