Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2009-AVI-186
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. L'exploitation de certaines d'entre elles peut conduire à l'exécution de code arbitraire à distance sur le système vulnérable.
Description
Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Elles touchent divers composants et services installés comme CFNetworks (manipulation des échanges HTTP), CoreGraphics (manipulation de fichiers PDF), Help Viewer (manipulation de l'URI help:), QuickDraw Manager (manipulation d'images PICT), Safari (manipulation de l'URI feed:), OpenSSL, PHP, WebKit, X11, etc.
L'exploitation de certaines de ces vulnérabilités peut conduire à l'exécution de code arbitraire à distance sur le système vulnérable.
Solution
Se référer au bulletin de sécurité 2009-002 de Apple pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | Mac OS X Server version 10.4.11 ainsi que celles antérieures. | ||
| Apple | N/A | Mac OS X Server version 10.5.6 ainsi que celles antérieures ; | ||
| Apple | N/A | Mac OS X version 10.5.6 ainsi que celles antérieures ; | ||
| Apple | N/A | Mac OS X version 10.4.11 ainsi que celles antérieures ; |
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mac OS X Server version 10.4.11 ainsi que celles ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Server version 10.5.6 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X version 10.5.6 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X version 10.4.11 ainsi que celles ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Elles touchent divers composants et\nservices install\u00e9s comme CFNetworks (manipulation des \u00e9changes HTTP),\nCoreGraphics (manipulation de fichiers PDF), Help Viewer (manipulation\nde l\u0027URI help:), QuickDraw Manager (manipulation d\u0027images PICT), Safari\n(manipulation de l\u0027URI feed:), OpenSSL, PHP, WebKit, X11, etc.\n\nL\u0027exploitation de certaines de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 2009-002 de Apple pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0160",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0160"
},
{
"name": "CVE-2009-0147",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0147"
},
{
"name": "CVE-2008-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3652"
},
{
"name": "CVE-2009-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0846"
},
{
"name": "CVE-2008-5557",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5557"
},
{
"name": "CVE-2009-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0847"
},
{
"name": "CVE-2009-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0155"
},
{
"name": "CVE-2008-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3657"
},
{
"name": "CVE-2009-0153",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0153"
},
{
"name": "CVE-2008-1517",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1517"
},
{
"name": "CVE-2008-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3660"
},
{
"name": "CVE-2008-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3529"
},
{
"name": "CVE-2008-0456",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0456"
},
{
"name": "CVE-2009-0943",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0943"
},
{
"name": "CVE-2009-0157",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0157"
},
{
"name": "CVE-2008-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3651"
},
{
"name": "CVE-2009-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0010"
},
{
"name": "CVE-2009-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0040"
},
{
"name": "CVE-2008-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-1382"
},
{
"name": "CVE-2004-1185",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1185"
},
{
"name": "CVE-2009-0148",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0148"
},
{
"name": "CVE-2008-2371",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2371"
},
{
"name": "CVE-2008-3658",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3658"
},
{
"name": "CVE-2008-3443",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3443"
},
{
"name": "CVE-2008-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3659"
},
{
"name": "CVE-2009-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0025"
},
{
"name": "CVE-2008-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3863"
},
{
"name": "CVE-2008-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2383"
},
{
"name": "CVE-2008-3530",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3530"
},
{
"name": "CVE-2009-0149",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0149"
},
{
"name": "CVE-2009-0154",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0154"
},
{
"name": "CVE-2008-3790",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3790"
},
{
"name": "CVE-2009-0159",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0159"
},
{
"name": "CVE-2008-2829",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2829"
},
{
"name": "CVE-2009-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0165"
},
{
"name": "CVE-2009-0144",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0144"
},
{
"name": "CVE-2009-0162",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0162"
},
{
"name": "CVE-2008-3655",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3655"
},
{
"name": "CVE-2004-1186",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1186"
},
{
"name": "CVE-2008-2665",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2665"
},
{
"name": "CVE-2009-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0114"
},
{
"name": "CVE-2008-2666",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2666"
},
{
"name": "CVE-2009-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0021"
},
{
"name": "CVE-2009-0519",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0519"
},
{
"name": "CVE-2009-0145",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0145"
},
{
"name": "CVE-2008-3656",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3656"
},
{
"name": "CVE-2009-0146",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0146"
},
{
"name": "CVE-2009-0844",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0844"
},
{
"name": "CVE-2009-0942",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0942"
},
{
"name": "CVE-2009-0152",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0152"
},
{
"name": "CVE-2009-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0156"
},
{
"name": "CVE-2009-0946",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
},
{
"name": "CVE-2009-0150",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0150"
},
{
"name": "CVE-2008-4309",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
},
{
"name": "CVE-2007-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2754"
},
{
"name": "CVE-2009-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0845"
},
{
"name": "CVE-2009-0944",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0944"
},
{
"name": "CVE-2009-0164",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0164"
},
{
"name": "CVE-2009-0520",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0520"
},
{
"name": "CVE-2008-2939",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2939"
},
{
"name": "CVE-2009-0161",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0161"
},
{
"name": "CVE-2008-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0158"
},
{
"name": "CVE-2004-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1184"
},
{
"name": "CVE-2008-5077",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5077"
},
{
"name": "CVE-2006-0747",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0747"
},
{
"name": "CVE-2009-0945",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0945"
}
],
"links": [
{
"title": "D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du 12 mai 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3397"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple 61798 du 12 mai 2009 :",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"title": "D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du 12 mai 2009\u00a0:",
"url": "http://support.apple.com/kb/HT3549"
}
],
"reference": "CERTA-2009-AVI-186",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-05-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de certaines d\u0027entre elles\npeut conduire \u00e0 l\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me\nvuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 2009-002 Apple du 12 mai 2009",
"url": null
}
]
}
CVE-2009-0148 (GCVE-0-2009-0148)
Vulnerability from cvelistv5 – Published: 2009-05-05 17:00 – Updated: 2024-08-07 04:24- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20090506 Re: Old cscope buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/05/06/9"
},
{
"name": "35462",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35462"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "RHSA-2009:1101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1101.html"
},
{
"name": "[cscope-cvs] 20090410 CVS: cscope/src snprintf.c, NONE, 1.1 build.c, 1.14, 1.15 command.c, 1.32, 1.33 dir.c, 1.30, 1.31 display.c, 1.29, 1.30 edit.c, 1.6, 1.7 exec.c, 1.11, 1.12 find.c, 1.20, 1.21 global.h, 1.36, 1.37 main.c, 1.45, 1.46 Makefile.am, 1.12, 1.13 Makefile.in, 1.15, 1.16 vpaccess.c, 1.2, 1.3 vpfopen.c, 1.3, 1.4 vpopen.c, 1.4, 1.5",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015K-TN%40ddv4jf1.ch3.sourceforge.com\u0026forum_name=cscope-cvs"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "ADV-2009-1238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1238"
},
{
"name": "35214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35214"
},
{
"name": "RHSA-2009:1102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1102.html"
},
{
"name": "GLSA-200905-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-02.xml"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35213",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35213"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34805"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=947983"
},
{
"name": "1022218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "DSA-1806",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1806"
},
{
"name": "oval:org.mitre.oval:def:9633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9633"
},
{
"name": "34978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34978"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=4664\u0026release_id=679527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20090506 Re: Old cscope buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/05/06/9"
},
{
"name": "35462",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35462"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "RHSA-2009:1101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1101.html"
},
{
"name": "[cscope-cvs] 20090410 CVS: cscope/src snprintf.c, NONE, 1.1 build.c, 1.14, 1.15 command.c, 1.32, 1.33 dir.c, 1.30, 1.31 display.c, 1.29, 1.30 edit.c, 1.6, 1.7 exec.c, 1.11, 1.12 find.c, 1.20, 1.21 global.h, 1.36, 1.37 main.c, 1.45, 1.46 Makefile.am, 1.12, 1.13 Makefile.in, 1.15, 1.16 vpaccess.c, 1.2, 1.3 vpfopen.c, 1.3, 1.4 vpopen.c, 1.4, 1.5",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015K-TN%40ddv4jf1.ch3.sourceforge.com\u0026forum_name=cscope-cvs"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "ADV-2009-1238",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1238"
},
{
"name": "35214",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35214"
},
{
"name": "RHSA-2009:1102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1102.html"
},
{
"name": "GLSA-200905-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-02.xml"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35213",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35213"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34805"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=947983"
},
{
"name": "1022218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "DSA-1806",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1806"
},
{
"name": "oval:org.mitre.oval:def:9633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9633"
},
{
"name": "34978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34978"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=4664\u0026release_id=679527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20090506 Re: Old cscope buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/05/06/9"
},
{
"name": "35462",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35462"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "RHSA-2009:1101",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1101.html"
},
{
"name": "[cscope-cvs] 20090410 CVS: cscope/src snprintf.c, NONE, 1.1 build.c, 1.14, 1.15 command.c, 1.32, 1.33 dir.c, 1.30, 1.31 display.c, 1.29, 1.30 edit.c, 1.6, 1.7 exec.c, 1.11, 1.12 find.c, 1.20, 1.21 global.h, 1.36, 1.37 main.c, 1.45, 1.46 Makefile.am, 1.12, 1.13 Makefile.in, 1.15, 1.16 vpaccess.c, 1.2, 1.3 vpfopen.c, 1.3, 1.4 vpopen.c, 1.4, 1.5",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015K-TN%40ddv4jf1.ch3.sourceforge.com\u0026forum_name=cscope-cvs"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "ADV-2009-1238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1238"
},
{
"name": "35214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35214"
},
{
"name": "RHSA-2009:1102",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1102.html"
},
{
"name": "GLSA-200905-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200905-02.xml"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35213",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35213"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34805"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=947983",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=947983"
},
{
"name": "1022218",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "DSA-1806",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1806"
},
{
"name": "oval:org.mitre.oval:def:9633",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9633"
},
{
"name": "34978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34978"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=4664\u0026release_id=679527",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=4664\u0026release_id=679527"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490667",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0148",
"datePublished": "2009-05-05T17:00:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0149 (GCVE-0-2009-0149)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/34942 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022217 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "34942",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34942"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-diskimages-code-execution-var1(50484)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50484"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "34942",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34942"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-diskimages-code-execution-var1(50484)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50484"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "34942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34942"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-diskimages-code-execution-var1(50484)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50484"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0149",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0150 (GCVE-0-2009-0150)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022217 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-diskimages-bo(50483)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50483"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-diskimages-bo(50483)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50483"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-diskimages-bo(50483)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50483"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022217",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0150",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0152 (GCVE-0-2009-0152)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id?1022212 | vdb-entryx_refsource_SECTRACK |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ichat-ssl-weak-security(50487)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50487"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "1022212",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022212"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ichat-ssl-weak-security(50487)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50487"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "1022212",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022212"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ichat-ssl-weak-security(50487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50487"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "1022212",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022212"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0152",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0153 (GCVE-0-2009-0153)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "RHSA-2009:1122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1122.html"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-icu-security-bypass(50488)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50488"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "34974",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34974"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.icu-project.org/trac/ticket/5691"
},
{
"name": "FEDORA-2009-6121",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00336.html"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "35498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35498"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35584",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35584"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503071"
},
{
"name": "35436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35436"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "FEDORA-2009-6273",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00478.html"
},
{
"name": "oval:org.mitre.oval:def:11366",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11366"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "RHSA-2009:1122",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1122.html"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-icu-security-bypass(50488)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50488"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "34974",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34974"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.icu-project.org/trac/ticket/5691"
},
{
"name": "FEDORA-2009-6121",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00336.html"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "35498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35498"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35584",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35584"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503071"
},
{
"name": "35436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35436"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "FEDORA-2009-6273",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00478.html"
},
{
"name": "oval:org.mitre.oval:def:11366",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11366"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "APPLE-SA-2009-06-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "RHSA-2009:1122",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1122.html"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-icu-security-bypass(50488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50488"
},
{
"name": "ADV-2009-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "34974",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34974"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "http://bugs.icu-project.org/trac/ticket/5691",
"refsource": "CONFIRM",
"url": "http://bugs.icu-project.org/trac/ticket/5691"
},
{
"name": "FEDORA-2009-6121",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00336.html"
},
{
"name": "35379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35379"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "35498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35498"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35584"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=503071",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=503071"
},
{
"name": "35436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35436"
},
{
"name": "http://support.apple.com/kb/HT3613",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "FEDORA-2009-6273",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00478.html"
},
{
"name": "oval:org.mitre.oval:def:11366",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11366"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0153",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0154 (GCVE-0-2009-0154)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.zerodayinitiative.com/advisories/ZDI-09-023 | x_refsource_MISC |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022218 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/503597/100… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ats-cff-bo(50478)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50478"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-023"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "20090519 ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503597/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ats-cff-bo(50478)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50478"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-023"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "20090519 ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503597/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "macos-ats-cff-bo(50478)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50478"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-023",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-023"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022218",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022218"
},
{
"name": "20090519 ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503597/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0154",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0155 (GCVE-0-2009-0155)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3639 | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2009/1621 | vdb-entryx_refsource_VUPEN |
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securitytracker.com/id?1022209 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "1022209",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022209"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "macos-coregraphics-pdf-bo(50482)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50482"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "1022209",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022209"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "macos-coregraphics-pdf-bo(50482)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50482"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "1022209",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022209"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "macos-coregraphics-pdf-bo(50482)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50482"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0155",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0156 (GCVE-0-2009-0156)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/34932 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.securitytracker.com/id?1022215 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-launchservices-dos(50490)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50490"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34932"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "1022215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022215"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-launchservices-dos(50490)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50490"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34932"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "1022215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022215"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "macos-launchservices-dos(50490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50490"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34932"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "1022215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022215"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0156",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0157 (GCVE-0-2009-0157)
Vulnerability from cvelistv5 – Published: 2009-05-13 15:14 – Updated: 2024-08-07 04:24- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://support.apple.com/kb/HT3549 | x_refsource_CONFIRM |
| http://secunia.com/advisories/35074 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/34926 | vdb-entryx_refsource_BID |
| http://www.us-cert.gov/cas/techalerts/TA09-133A.html | third-party-advisoryx_refsource_CERT |
| http://www.vupen.com/english/advisories/2009/1297 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022211 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "macos-cfnetwork-bo(50480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50480"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022211"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "macos-cfnetwork-bo(50480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50480"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022211",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022211"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "macos-cfnetwork-bo(50480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50480"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "34926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34926"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "1022211",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022211"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0157",
"datePublished": "2009-05-13T15:14:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:17.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0159 (GCVE-0-2009-0159)
Vulnerability from cvelistv5 – Published: 2009-04-14 15:00 – Updated: 2024-08-07 04:24- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-777-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/777-1/"
},
{
"name": "oval:org.mitre.oval:def:9634",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
},
{
"name": "35137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35137"
},
{
"name": "34608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34608"
},
{
"name": "35166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "37471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37471"
},
{
"name": "DSA-1801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1801"
},
{
"name": "FEDORA-2009-5275",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
},
{
"name": "35308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
},
{
"name": "35253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "34481",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34481"
},
{
"name": "35138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35138"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:8386",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
},
{
"name": "SSA:2009-154-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
},
{
"name": "SSRT101144",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "FEDORA-2009-5273",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
},
{
"name": "SUSE-SR:2009:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:19392",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
},
{
"name": "35630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35630"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "ntp-cookedprint-bo(49838)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
},
{
"name": "53593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53593"
},
{
"name": "1022033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022033"
},
{
"name": "oval:org.mitre.oval:def:8665",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "RHSA-2009:1651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "oval:org.mitre.oval:def:5411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
},
{
"name": "RHSA-2009:1040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
},
{
"name": "MDVSA-2009:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
},
{
"name": "35416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
},
{
"name": "HPSBUX02859",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "35336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35336"
},
{
"name": "NetBSD-SA2009-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
},
{
"name": "RHSA-2009:1039",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
},
{
"name": "35169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35169"
},
{
"name": "GLSA-200905-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
},
{
"name": "ADV-2009-0999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0999"
},
{
"name": "ADV-2009-3316",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-777-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/777-1/"
},
{
"name": "oval:org.mitre.oval:def:9634",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
},
{
"name": "35137",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35137"
},
{
"name": "34608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34608"
},
{
"name": "35166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "37471",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37471"
},
{
"name": "DSA-1801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1801"
},
{
"name": "FEDORA-2009-5275",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
},
{
"name": "35308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
},
{
"name": "35253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "34481",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34481"
},
{
"name": "35138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35138"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:8386",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
},
{
"name": "SSA:2009-154-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
},
{
"name": "SSRT101144",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "FEDORA-2009-5273",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
},
{
"name": "SUSE-SR:2009:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:19392",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
},
{
"name": "35630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35630"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "ntp-cookedprint-bo(49838)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
},
{
"name": "53593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53593"
},
{
"name": "1022033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022033"
},
{
"name": "oval:org.mitre.oval:def:8665",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "RHSA-2009:1651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "oval:org.mitre.oval:def:5411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
},
{
"name": "RHSA-2009:1040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
},
{
"name": "MDVSA-2009:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
},
{
"name": "35416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
},
{
"name": "HPSBUX02859",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "35336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35336"
},
{
"name": "NetBSD-SA2009-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
},
{
"name": "RHSA-2009:1039",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
},
{
"name": "35169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35169"
},
{
"name": "GLSA-200905-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
},
{
"name": "ADV-2009-0999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0999"
},
{
"name": "ADV-2009-3316",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-777-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/777-1/"
},
{
"name": "oval:org.mitre.oval:def:9634",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634"
},
{
"name": "35137",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35137"
},
{
"name": "34608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34608"
},
{
"name": "35166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35166"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490617",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "37471",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37471"
},
{
"name": "DSA-1801",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1801"
},
{
"name": "FEDORA-2009-5275",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html"
},
{
"name": "35308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35308"
},
{
"name": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532",
"refsource": "CONFIRM",
"url": "http://bugs.pardus.org.tr/show_bug.cgi?id=9532"
},
{
"name": "35253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35253"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "34481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34481"
},
{
"name": "35138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35138"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:8386",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386"
},
{
"name": "SSA:2009-154-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.566238"
},
{
"name": "SSRT101144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "FEDORA-2009-5273",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html"
},
{
"name": "SUSE-SR:2009:011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:19392",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392"
},
{
"name": "35630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35630"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "ntp-cookedprint-bo(49838)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49838"
},
{
"name": "53593",
"refsource": "OSVDB",
"url": "http://osvdb.org/53593"
},
{
"name": "1022033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022033"
},
{
"name": "oval:org.mitre.oval:def:8665",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "RHSA-2009:1651",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "oval:org.mitre.oval:def:5411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411"
},
{
"name": "RHSA-2009:1040",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-1040.html"
},
{
"name": "MDVSA-2009:092",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:092"
},
{
"name": "35416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35416"
},
{
"name": "https://support.ntp.org/bugs/show_bug.cgi?id=1144",
"refsource": "CONFIRM",
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1144"
},
{
"name": "HPSBUX02859",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "35336",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35336"
},
{
"name": "NetBSD-SA2009-006",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc"
},
{
"name": "RHSA-2009:1039",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-1039.html"
},
{
"name": "35169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35169"
},
{
"name": "GLSA-200905-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml"
},
{
"name": "ADV-2009-0999",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0999"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"name": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565",
"refsource": "CONFIRM",
"url": "http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch\u0026REV=1.1565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0159",
"datePublished": "2009-04-14T15:00:00.000Z",
"dateReserved": "2009-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:24:18.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.