CVE-2009-2411

Published Aug 7, 2009
Last updated 7 years ago
CVSS info 8.5
Overview

Description: Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 10
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-189
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0434A631-5531-4C32-B5C5-730CA1890441",
            "versionEndIncluding": "1.5.6"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46EA6517-6361-449E-8A50-3E8706A71211"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.23.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "473B6660-AED8-4805-A48F-F4A18A4AB94F"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.24.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F087A7F-7D7D-4377-B7CD-FC0775A33568"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.24.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00E49F61-BC1D-4B0F-859F-89C331DA0E39"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.24.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D44285DE-6FD7-4B0D-9715-1E6D31FAB6BC"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.25.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D18EA18-8EB3-4924-B428-A4D329A87C8B"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.27.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48BB82A4-223F-43E3-8EE2-BA6276F51A1A"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.28.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE0D2D18-5141-4070-9390-2027967CBD4E"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.28.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07F3F14A-AD74-4318-A830-08DED8189E7D"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.28.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56ADDE86-635F-4F24-A320-CBBE076BA182"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.29.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56AD9198-B051-4E0E-9B0B-CE99346EFF05"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.30.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A81E5045-969D-4064-A7DB-9F902D600251"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.31.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61B5A517-AAD4-44AE-8B1B-F1BA3F9C21B8"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.32.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5342EE15-7AAD-4666-BEFB-172A7CE5BC96"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.32.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71AD1DC9-1BEA-4C81-A4EF-B78B2344C65E"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.33.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01A71B55-7F08-40BD-A60E-4EF679388B1F"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.33.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39AA93C8-0CC1-46D0-8B67-2A3846BBDA45"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.34.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFC08C9E-DC76-4F5E-9CA2-7952CC332EB2"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.35.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BB20C00-C6D6-4175-B659-018C4F4A1167"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.35.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "139E706E-202C-45B4-A5E3-2CDEEA14E20B"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.36.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF79BC49-E4CD-4DCA-860F-A27F0371D4B1"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:0.37.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C12BDC3-6B07-47DD-96C8-1FA9F4B7BFE2"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD801B94-DBE2-4A65-9428-8D4FC581866A"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B41D875-F515-4A3F-9AA5-79BD09F74C30"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A8CCC20-8986-4028-B125-66F371A4A1D1"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E07F13C-A6FC-49E8-B10E-E4FC1F182DA5"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04AB9C70-10CB-460B-91AD-1D79C9153194"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1E718DB-2A79-4277-BA15-6E6A904E483A"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E10F1DA-64E9-4567-8727-3AE8A6788A23"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A8CED53-EC94-480C-BCBD-EE045F0AA2A4"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27FC24BB-5BF3-4A25-A5C0-F5A224736F77"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "286B7EBD-D663-440C-859B-1E0EE839AEB9"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "408EC889-4D8B-49FC-9281-AC85559BB774"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1E2A83E-A244-4F1E-85E9-6EA075D32C5B"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "212AC756-866F-43F6-9659-61554824B884"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B612E0A1-C0F8-4E69-B32C-356ADE7F82E2"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19B8E241-9E28-4627-8FBB-18CF5D12B11C"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3D528D6-37F5-40D0-BAF2-CCA214862C19"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E73FF73-1F94-4657-83E2-375311A94440"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2FAC312-66F0-4C9E-95DF-0C61F07A834D"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC9E80F6-728C-4474-AB90-23DF119E83DA"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "051434CF-6B62-4C29-B71A-C8800F048A07"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "339A1BAC-F631-4355-9889-CE5EAC2FCB46"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72315FB6-EDB2-43AB-9DA8-E27118C84C08"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C099833-CC13-47DD-9E6A-E10BF8103401"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAF74121-52AC-4EA8-9B51-BA68ED766ABC"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC6B791F-2DB2-4428-80DB-3203FD8868ED"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE0754E5-044C-445B-846F-1B7C7664F6BC"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D938FBF-02E3-4713-A7DB-7C552C65471C"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A882A7B-5E03-4FC4-A92E-3681C67A0CA6"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AF0C2C6-5FC0-4FB2-B31C-B9174789F904"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3D435D7-F523-4B8B-988F-37F85DA7ECCB"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5CCBE47-1BD4-494A-8B9B-CB062F9741B2"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "457BD304-23A2-4FB4-AE9F-9F462DC27DD2"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7899D782-7544-4113-AE78-B724689EDC74"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85E5887A-A560-40AA-96D4-45D65D9A9C16"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C461DA24-27D3-44C6-A5A3-17716616C696"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FBF9A45-958C-4C65-B8AE-A7214D6A6922"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE31846-6A08-47D5-8D20-D627DED5D8E4"
          },
          {
            "criteria": "cpe:2.3:a:subversion:subversion:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45B6D800-A4A5-4835-941C-31C3FD00D5F9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
