CVE-2009-1956
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-1956
Status
Candidate
Description
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
Severity
Medium
CVSS score
6,4
CVSS vector
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Phase
Assigned (18.07.2011)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1956
References
BID :
35251
CONFIRM :
http://svn.apache.org/viewvc?view=rev&revision...
CONFIRM :
http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
CONFIRM :
https://bugzilla.redhat.com/show_bug.cgi?id=504390
MANDRIVA :
MDVSA-2009:131
MLIST :
[dev] 20090424 Buffer overflow in apr_brigade_vprintf() ?
MLIST :
[dev] 20090424 Re: Buffer overflow in apr_brigade_vprintf() ?
MLIST :
[oss-security] 20090605 CVE Request (apr-util)
UBUNTU :
USN-786-1
SecurityVulns:
Apache apr-util webDav DoS
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
