Lucene search

[email protected]NVD:CVE-2009-1262

HistoryApr 07, 2009 - 11:30 p.m.

CVE-2009-1262

2009-04-0723:30:00

CWE-134

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

0.4%

JSON

Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.

Affected configurations

Nvd

Node

fortinetforticlientMatch3.0.614

References

lists.grok.org.uk/pipermail/full-disclosure/2009-April/068583.html

osvdb.org/53266

secunia.com/advisories/34524

www.layereddefense.com/FortiClient02Apr.html

www.securityfocus.com/archive/1/502354/100/0/threaded

www.securityfocus.com/archive/1/502602/100/0/threaded

www.securityfocus.com/bid/34343

www.securitytracker.com/id?1021966

www.vupen.com/english/advisories/2009/0941

exchange.xforce.ibmcloud.com/vulnerabilities/49633

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2009-1262

prion1 nessus1 cvelist1 cve1