fkie_cve-2009-3930
Vulnerability from fkie_nvd
Published
2009-11-10 19:30
Modified
2024-11-21 01:08
Severity ?
Summary
Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
References
cve@mitre.orghttp://mx.gw.com/pipermail/file/2009/000382.html
cve@mitre.orghttp://www.securityfocus.com/bid/37074
af854a3a-2127-422b-91ae-364da2661108http://mx.gw.com/pipermail/file/2009/000382.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37074
Impacted products
Vendor Product Version
christos_zoulas file *
christos_zoulas file 3.30
christos_zoulas file 3.31
christos_zoulas file 3.32
christos_zoulas file 3.33
christos_zoulas file 3.34
christos_zoulas file 3.36
christos_zoulas file 3.37
christos_zoulas file 3.38
christos_zoulas file 3.39
christos_zoulas file 3.40
christos_zoulas file 3.41
christos_zoulas file 4.01
christos_zoulas file 4.02
christos_zoulas file 4.03
christos_zoulas file 4.04
christos_zoulas file 4.06
christos_zoulas file 4.07
christos_zoulas file 4.08
christos_zoulas file 4.09
christos_zoulas file 4.11
christos_zoulas file 4.12
christos_zoulas file 4.13
christos_zoulas file 4.14
christos_zoulas file 4.15
christos_zoulas file 4.16
christos_zoulas file 4.17
christos_zoulas file 4.19
christos_zoulas file 4.20
christos_zoulas file 4.21
christos_zoulas file 4.23
christos_zoulas file 4.24
christos_zoulas file 4.25
christos_zoulas file 4.26
christos_zoulas file 5.00


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FC99B1-2B8B-4D1A-9862-88C7A11F5012",
              "versionEndIncluding": "5.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "54717F95-DCD4-4AA0-989B-A72545496314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "83AA36FC-A47F-45AA-8754-E975BF5C75C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7DE688C-1F8F-4769-B041-3692CB8447F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA3C5EE-F2F4-4906-A9CA-4D7D7CA5E2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA857D0-9938-4109-8057-06E9EDFDC0A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "172DF2EE-C32A-42FE-BEDD-0DE98A00218D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "483B2F0D-0246-42EE-9E59-AA301C6761A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C168BDF-B1DB-4948-BD33-0CD584F8DD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "140B2E4F-ACD7-473F-A6D6-207F23128C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "354A89D8-6C36-4EF7-B5BE-8D2179E96788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:3.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "045C73F3-864C-4FFB-9E51-DE9CCA3C8D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "92CA097D-A58D-4EA9-BC52-7014D464F087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01BCBD5-EDD3-4FB6-AEF5-55DD4B0397A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE8DA90-3E99-4F94-890F-EA09CA39826A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BD52B1-FDB6-4640-AB27-A3A75C74BB4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D839F4E-4DE8-4101-9EAA-B8930AABF48C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "24E893D9-89C6-4230-BF26-5430A8E83A45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7CB9E5-4E6C-4D79-B9ED-E60B7D45FC5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E788A36-73FF-4DE7-BA18-66C6ECA9911F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "188DA67D-E441-4BCF-9BCF-BF02F501AE32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "56463FD8-B9D5-467D-BFEA-81B92C086B3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7752D6-36CD-4121-9F89-CFABB0C55D52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1CAF79C-8839-489D-A2B3-ECB97A48B6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "602676CC-21E6-4826-9A00-C56A6A655587",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D3F0C9-6573-4871-83BB-19E5AE8EEFA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4D59F2-FD8B-472E-9A01-F1950619DA7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "289D758F-8662-49F3-B532-A00AD29D9867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BB0AD8-68BA-4DFB-A911-6DDE25823640",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "B534C755-B24A-4A7A-B60E-255F2B0E4880",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BCE9B1F-7793-4B3B-9CED-DC5296A33EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "45027274-FB37-4F06-A9A0-C2D288E1E6DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC84FE48-475F-4573-9BF2-8C62C2743C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4822A6-7715-4A10-9463-79F5537CE5EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:christos_zoulas:file:5.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FF256D-3DD4-41A8-B119-D20A493A6EA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamiento de b\u00fafer en Christos Zoulas file before v5.02 permite a atacantes asistidos remotamente por usuarios tienen un impacto no especificado a trav\u00e9s de un componente de documento manipulado (como cdf) archivo que provoca un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2009-3930",
  "lastModified": "2024-11-21T01:08:32.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-11-10T19:30:01.687",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://mx.gw.com/pipermail/file/2009/000382.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mx.gw.com/pipermail/file/2009/000382.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37074"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.