Description
Multiple integer overflows in Christos Zoulas file before 5.02 allow
user-assisted remote attackers to have an unspecified impact via a
malformed compound document (aka cdf) file that triggers a buffer overflow.
Affected Package
Related
{"id": "UB:CVE-2009-3930", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2009-3930", "description": "Multiple integer overflows in Christos Zoulas file before 5.02 allow\nuser-assisted remote attackers to have an unspecified impact via a\nmalformed compound document (aka cdf) file that triggers a buffer overflow.", "published": "2009-11-10T00:00:00", "modified": "2009-11-10T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2009-3930", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930", "https://nvd.nist.gov/vuln/detail/CVE-2009-3930", "https://launchpad.net/bugs/cve/CVE-2009-3930", "https://security-tracker.debian.org/tracker/CVE-2009-3930"], "cvelist": ["CVE-2009-3930"], "immutableFields": [], "lastseen": "2022-08-04T14:38:27", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-3930"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-3930"]}], "rev": 4}, "score": {"value": 6.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2009-3930"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-3930"]}]}, "exploitation": null, "vulnersScore": 6.8}, "_state": {"dependencies": 1659908583, "score": 1659843777}, "_internal": {"score_hash": "0aef840e5d488f8dd5aaaf33a79ad307"}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "upstream", "arch": "noarch", "packageVersion": "5.02", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "file"}], "bugs": []}
{"cve": [{"lastseen": "2022-03-23T21:36:49", "description": "Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.", "cvss3": {}, "published": "2009-11-10T19:30:00", "type": "cve", "title": "CVE-2009-3930", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3930"], "modified": "2009-11-24T07:04:00", "cpe": ["cpe:/a:christos_zoulas:file:4.02", "cpe:/a:christos_zoulas:file:4.03", "cpe:/a:christos_zoulas:file:3.39", "cpe:/a:christos_zoulas:file:3.37", "cpe:/a:christos_zoulas:file:4.16", "cpe:/a:christos_zoulas:file:4.07", "cpe:/a:christos_zoulas:file:3.38", "cpe:/a:christos_zoulas:file:4.20", "cpe:/a:christos_zoulas:file:4.17", "cpe:/a:christos_zoulas:file:4.12", "cpe:/a:christos_zoulas:file:4.13", "cpe:/a:christos_zoulas:file:5.01", "cpe:/a:christos_zoulas:file:3.30", "cpe:/a:christos_zoulas:file:3.33", "cpe:/a:christos_zoulas:file:4.25", "cpe:/a:christos_zoulas:file:4.19", "cpe:/a:christos_zoulas:file:4.09", "cpe:/a:christos_zoulas:file:4.21", "cpe:/a:christos_zoulas:file:5.00", "cpe:/a:christos_zoulas:file:4.01", "cpe:/a:christos_zoulas:file:3.40", "cpe:/a:christos_zoulas:file:3.31", "cpe:/a:christos_zoulas:file:4.04", "cpe:/a:christos_zoulas:file:3.34", "cpe:/a:christos_zoulas:file:4.23", "cpe:/a:christos_zoulas:file:4.26", "cpe:/a:christos_zoulas:file:3.41", "cpe:/a:christos_zoulas:file:4.15", "cpe:/a:christos_zoulas:file:4.08", "cpe:/a:christos_zoulas:file:4.06", "cpe:/a:christos_zoulas:file:4.11", "cpe:/a:christos_zoulas:file:3.32", "cpe:/a:christos_zoulas:file:4.14", "cpe:/a:christos_zoulas:file:3.36", "cpe:/a:christos_zoulas:file:4.24"], "id": "CVE-2009-3930", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3930", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:christos_zoulas:file:4.24:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.20:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:5.01:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.09:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.15:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.36:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.32:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.30:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.06:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.16:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.13:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.25:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.34:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.02:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.12:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.19:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.41:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.17:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.31:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.23:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.03:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.14:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.21:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.37:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.38:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.01:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.11:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.07:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.40:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.33:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.08:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.04:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:3.39:*:*:*:*:*:*:*", "cpe:2.3:a:christos_zoulas:file:4.26:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-01-31T06:05:29", "description": "Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.", "cvss3": {}, "published": "2009-11-10T19:30:00", "type": "debiancve", "title": "CVE-2009-3930", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3930"], "modified": "2009-11-10T19:30:00", "id": "DEBIANCVE:CVE-2009-3930", "href": "https://security-tracker.debian.org/tracker/CVE-2009-3930", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
CVE-2009-3930
