Lucene search

[email protected]NVD:CVE-2009-0544

HistoryFeb 12, 2009 - 5:30 p.m.

CVE-2009-0544

2009-02-1217:30:00

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.321 Low

EPSS

Percentile

97.0%

JSON

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.

Affected configurations

NVD

Node

pycryptoarc2Match2.0.1

References

gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=fd73731dfad451a81056fbb01e09aa78ab82eb5d

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

secunia.com/advisories/34199

secunia.com/advisories/35065

www.gentoo.org/security/en/glsa/glsa-200903-11.xml

www.mandriva.com/security/advisories?name=MDVSA-2009:049

www.mandriva.com/security/advisories?name=MDVSA-2009:050

www.openwall.com/lists/oss-security/2009/02/07/1

www.openwall.com/lists/oss-security/2009/02/12/5

www.securityfocus.com/bid/33674

exchange.xforce.ibmcloud.com/vulnerabilities/48617

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.321 Low

EPSS

Percentile

97.0%

JSON

Related for NVD:CVE-2009-0544

nessus8 openvas21 ubuntu1 securityvulns2 cve1 gentoo1 seebug1 prion1 cvelist1 debian1 ubuntucve1 debiancve1