CVE-2009-2412

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 04-08-2009 02:00

Last modified: - 04-08-2009 02:00

Total changes: - 7

Description

CVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:P/I:P/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

6.8

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=httpd22-0 AND versionEndExcluding=2.2.10-24.1.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=ant-0 AND versionEndExcluding=1.6.5-1jpp_1rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=avalon-logkit-0 AND versionEndExcluding=1.2-2jpp_4rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=axis-0 AND versionEndExcluding=1.2.1-1jpp_3rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=classpathx-jaf-0 AND versionEndExcluding=1.0-2jpp_6rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=classpathx-mail-0 AND versionEndExcluding=1.1.1-2jpp_8rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=geronimo-specs-0 AND versionEndExcluding=1.0-0.M4.1jpp_10rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=jakarta-commons-modeler-0 AND versionEndExcluding=2.0-3jpp_2rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=log4j-0 AND versionEndExcluding=1.2.12-1jpp_1rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=mx4j-1 AND versionEndExcluding=3.0.1-1jpp_4rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=pcsc-lite-0 AND versionEndExcluding=1.3.3-3.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-ca-0 AND versionEndExcluding=7.3.0-20.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-java-tools-0 AND versionEndExcluding=7.3.0-10.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-kra-0 AND versionEndExcluding=7.3.0-14.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-manage-0 AND versionEndExcluding=7.3.0-19.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-native-tools-0 AND versionEndExcluding=7.3.0-6.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-ocsp-0 AND versionEndExcluding=7.3.0-13.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=rhpki-tks-0 AND versionEndExcluding=7.3.0-13.el4

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=Tomcat AND versionEndExcluding=5.5.23-0jpp_4rh.16

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=xerces-j2-0 AND versionEndExcluding=2.7.1-1jpp_1rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=xml-commons-0 AND versionEndExcluding=1.3.02-2jpp_1rh

vendor=Red Hat Enterprise Linux AND product=certificate_system AND version=7.3

AND

product=httpd-0 AND versionEndExcluding=2.0.46-75.ent

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=3

AND

product=apr-0 AND versionEndExcluding=0.9.4-24.9.el4_8.2

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=4

AND

product=apr-util-0 AND versionEndExcluding=0.9.4-22.el4_8.2

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=4

AND

product=apr-0 AND versionEndExcluding=1.2.7-11.el5_3.1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=apr-util-0 AND versionEndExcluding=1.2.7-7.el5_3.2

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

Reference

Keywords

REDHAT

CVE-2009-2412

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.