fkie_cve-2009-4212
Vulnerability from fkie_nvd
Published
2010-01-13 19:30
Modified
2024-11-21 01:09
Severity ?
Summary
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=130497213107107&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=130497213107107&w=2
cve@mitre.orghttp://secunia.com/advisories/38080
cve@mitre.orghttp://secunia.com/advisories/38108
cve@mitre.orghttp://secunia.com/advisories/38126
cve@mitre.orghttp://secunia.com/advisories/38140
cve@mitre.orghttp://secunia.com/advisories/38184
cve@mitre.orghttp://secunia.com/advisories/38203
cve@mitre.orghttp://secunia.com/advisories/38696
cve@mitre.orghttp://secunia.com/advisories/40220
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
cve@mitre.orghttp://support.apple.com/kb/HT4188
cve@mitre.orghttp://support.avaya.com/css/P8/documents/100074869
cve@mitre.orghttp://ubuntu.com/usn/usn-881-1
cve@mitre.orghttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txtPatch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2010/dsa-1969
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:006
cve@mitre.orghttp://www.securityfocus.com/bid/37749
cve@mitre.orghttp://www.securitytracker.com/id?1023440
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0096
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0129
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/1481
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=545015Patch
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2010-0029.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2010-0095.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=130497213107107&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=130497213107107&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38080
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38108
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38126
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38140
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38184
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38203
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38696
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40220
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4188
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/css/P8/documents/100074869
af854a3a-2127-422b-91ae-364da2661108http://ubuntu.com/usn/usn-881-1
af854a3a-2127-422b-91ae-364da2661108http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-1969
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37749
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1023440
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0096
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0129
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1481
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=545015Patch
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2010-0029.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2010-0095.html
Impacted products
Vendor Product Version
mit kerberos 5-1.6.3
mit kerberos_5 1.3
mit kerberos_5 1.3.1
mit kerberos_5 1.3.2
mit kerberos_5 1.3.3
mit kerberos_5 1.3.4
mit kerberos_5 1.3.5
mit kerberos_5 1.3.6
mit kerberos_5 1.4
mit kerberos_5 1.4.1
mit kerberos_5 1.4.2
mit kerberos_5 1.4.3
mit kerberos_5 1.4.4
mit kerberos_5 1.5
mit kerberos_5 1.5.1
mit kerberos_5 1.5.2
mit kerberos_5 1.5.3
mit kerberos_5 1.6
mit kerberos_5 1.6.1
mit kerberos_5 1.6.2
mit kerberos_5 1.7


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "032730AE-1E53-4CA2-96FD-AD60CD27F3CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F01A83F-3BD1-4DED-979A-B4B6B23039FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEB5A36-8F72-417A-AC92-149612EC7BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B8704B5-F37B-4C61-A924-3774A29BFEB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F953CEBA-BAC0-48DF-A3D0-1FABCC9963E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED81A044-8A7B-4EEF-A4B3-EA49D76FAAED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "30AA5727-BD83-45CF-B308-BA5F8A577B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E088E64-6FBD-4148-8F78-506364B7BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F0EECF-7787-442B-9888-D22F7D36C3DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF344AED-BE00-4A9B-A9DE-C6FB0BEE4617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "567406CA-58D8-453E-B36E-6D1D2EFC8EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7830E03F-A813-4E35-893E-BF27395CEFB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7764411E-C056-4696-822E-235F2620FAC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD315AE-868B-4061-BF01-CDBF59B02499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B639DD5F-71C7-4D9B-BA5C-51CAF64140B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B904DCE-D59F-45C7-A814-DE42CF02792D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9957FE9E-1E89-4C27-852C-44F866A1834E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C382DAA-68D2-4DD9-BE29-8EEB0BAF1A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73BB258E-51CF-4D12-836B-BCEA587A3F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F81DE01C-BA3B-40B4-BD85-17692F0AF8A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB1190E-BE7A-4C6B-862D-D5747C64E980",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de desbordamiento de entero en la funcionalidad de desencriptado AES y RC4 en la biblioteca crypto en MIT Kerberos 5 (tambi\u00e9n conocido comokrb5) v1.3 a la v1.6.3, y 1.7 anterior a v1.7.1, permite a atacantes remotos provocar una denegaci\u00f3n de servici\u00f3n (ca\u00edda de demonio) o posiblemente la ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n  facilitando texto cifrado (ciphertext) con un tama\u00f1o menor al v\u00e1lido."
    }
  ],
  "evaluatorImpact": "Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt\r\n\r\n\r\n\"Only releases krb5-1.3 and later are vulnerable, as\r\nearlier releases did not contain the functionality implemented by the\r\nvulnerable code.\r\n\r\nThis is an implementation vulnerability in MIT krb5, and is not a\r\nvulnerability in the Kerberos protocol.\"",
  "evaluatorSolution": "Per: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt\r\n\r\n\r\nFIXES\r\n=====\r\n\r\n* The upcoming krb5-1.7.1 and krb5-1.6.4 releases will contain a fix\r\n  for this vulnerability.\r\n\r\n* For the krb5-1.7 release, apply the patch available at:\r\n\r\n  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt\r\n\r\n  A PGP-signed patch is available at\r\n\r\n  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.7.txt.asc\r\n\r\n\r\n* For the krb5-1.6 releases, apply the patch available at:\r\n\r\n  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt\r\n\r\n  A PGP-signed patch is available at\r\n\r\n  http://web.mit.edu/kerberos/advisories/2009-004-patch_1.6.3.txt.asc\r\n\r\n* The krb5-1.6.3 patch might apply successfully to older releases.\r\n",
  "id": "CVE-2009-4212",
  "lastModified": "2024-11-21T01:09:10.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-13T19:30:00.607",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38080"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38108"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38126"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38140"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38184"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38203"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38696"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/40220"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4188"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/css/P8/documents/100074869"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://ubuntu.com/usn/usn-881-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2010/dsa-1969"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37749"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023440"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/0096"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/0129"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/1481"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=545015"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0029.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/40220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/css/P8/documents/100074869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ubuntu.com/usn/usn-881-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-1969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=545015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.