Lucene search

[email protected]CVE-2009-4479

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4479

2022-10-0316:24:03

CWE-399

[email protected]

web.nvd.nist.gov

cve-2009-4479

mailsite 8.0.4

ldap3a.exe

remote code execution

denial of service

heap memory corruption

daemon crash

vulndisco pack professional

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.5%

JSON

LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.13 through 8.11. NOTE: as of 20091229, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Affected configurations

NVD

Node

mailsitemailsiteMatch8.0.4

CPENameOperatorVersion
mailsite:mailsitemailsiteeq8.0.4

CPE	Name	Operator	Version
mailsite:mailsite	mailsite	eq	8.0.4

References

intevydis.com/vd-list.shtml

secunia.com/advisories/36573

www.securityfocus.com/bid/36240

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2009-4479

nvd1 prion1 cvelist1