Lucene search
HistoryJul 05, 2009 - 4:30 p.m.
CVE-2009-2294
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.047 Low
EPSS
Percentile
92.7%
Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.
Affected configurations
Node
dillodilloRangeβ€2.1
ORdillodilloMatch0.0.0
ORdillodilloMatch0.0.1
ORdillodilloMatch0.0.2
ORdillodilloMatch0.0.3
ORdillodilloMatch0.0.4
ORdillodilloMatch0.0.5
ORdillodilloMatch0.0.6
ORdillodilloMatch0.0.42
ORdillodilloMatch0.0.43
ORdillodilloMatch0.1.0
ORdillodilloMatch0.2
ORdillodilloMatch0.2.1
ORdillodilloMatch0.2.2
ORdillodilloMatch0.2.3
ORdillodilloMatch0.2.4
ORdillodilloMatch0.3
ORdillodilloMatch0.3.1
ORdillodilloMatch0.3.2
ORdillodilloMatch0.4
ORdillodilloMatch0.5.0
ORdillodilloMatch0.5.1
ORdillodilloMatch0.6
ORdillodilloMatch0.6.1
ORdillodilloMatch0.6.2
ORdillodilloMatch0.6.3
ORdillodilloMatch0.6.4
ORdillodilloMatch0.6.5
ORdillodilloMatch0.6.6
ORdillodilloMatch0.7
ORdillodilloMatch0.7.1
ORdillodilloMatch0.7.1.2
ORdillodilloMatch0.7.2
ORdillodilloMatch0.7.3
ORdillodilloMatch0.8
ORdillodilloMatch0.8.1
ORdillodilloMatch0.8.2
ORdillodilloMatch0.8.3
ORdillodilloMatch0.8.4
ORdillodilloMatch0.8.5pre-dw-design1
ORdillodilloMatch0.8.5pre-dw-design2
ORdillodilloMatch0.8.5pre-dw-design3
ORdillodilloMatch0.8.6
Related
ubuntucve
ubuntucve
CVE-2009-2294
2009-07-05 00:00:00
securityvulns
securityvulns
Dillo browser integer overflow
2009-07-06 00:00:00
[oCERT-2009-008] Dillo integer overflow
2009-07-06 00:00:00
debiancve
debiancve
CVE-2009-2294
2009-07-05 16:30:00
nessus
nessus
GLSA-200908-10 : Dillo: User-assisted execution of arbitrary code
2009-08-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200908-10 (dillo)
2009-09-02 00:00:00
Gentoo Security Advisory GLSA 200908-10 (dillo)
2009-09-02 00:00:00
seebug
seebug
Dillo Png_datainfo_callback()ε½ζ°ζ΄ζ°ζΊ’εΊζΌζ΄
2009-07-07 00:00:00
prion
prion
Integer overflow
2009-07-05 16:30:00
cve
cve
CVE-2009-2294
2009-07-05 16:30:00
gentoo
gentoo
Dillo: User-assisted execution of arbitrary code
2009-08-18 00:00:00
cvelist
cvelist
CVE-2009-2294
2009-07-05 16:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
High
0.047 Low
EPSS
Percentile
92.7%
Related for NVD:CVE-2009-2294