Lucene search

[email protected]NVD:CVE-2009-4251

HistoryDec 10, 2009 - 12:30 a.m.

CVE-2009-4251

2009-12-1000:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.899

Percentile

98.9%

JSON

Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.

Affected configurations

Nvd

Node

corelpaint_shop_proMatch8.10

VendorProductVersionCPE
corelpaint_shop_pro8.10cpe:2.3:a:corel:paint_shop_pro:8.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
corel	paint_shop_pro	8.10	cpe:2.3:a:corel:paint_shop_pro:8.10:::::::*

References

aluigi.freeforums.org/post8780.html

osvdb.org/60592

secunia.com/advisories/37591

www.packetstormsecurity.org/0912-exploits/jasc-overflow.txt

www.securityfocus.com/bid/37204

www.vupen.com/english/advisories/2009/3418

exchange.xforce.ibmcloud.com/vulnerabilities/54551

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.899

Percentile

98.9%

JSON

Related for NVD:CVE-2009-4251

cvelist2 cve2 prion2 nvd1 exploitdb2 securityvulns1