Lucene search

K
cve[email protected]CVE-2009-5028
HistoryNov 30, 2011 - 4:05 a.m.

CVE-2009-5028

2011-11-3004:05:58
CWE-119
web.nvd.nist.gov
27
cve-2009-5028
buffer overflow
namazu
denial of service
remote attackers
arbitrary code
crafted request

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

High

0.098 Low

EPSS

Percentile

94.8%

Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.

Affected configurations

NVD
Node
namazunamazuRange2.0.19
OR
namazunamazuMatch2.0
OR
namazunamazuMatch2.0.2
OR
namazunamazuMatch2.0.12
OR
namazunamazuMatch2.0.13
OR
namazunamazuMatch2.0.14
OR
namazunamazuMatch2.0.15
OR
namazunamazuMatch2.0.16
OR
namazunamazuMatch2.0.17
OR
namazunamazuMatch2.0.18

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

High

0.098 Low

EPSS

Percentile

94.8%