CVE-2009-4292

Published Dec 10, 2009

Last updated 8 years ago

CVSS info 9.3

Overview

Description: Buffer overflow in the URL filtering function in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.40 through 2.51 allows remote attackers to execute arbitrary code via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x1_firmware:2.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23564CCD-7EF3-4457-99FB-BFE966D35D5B"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x1_firmware:2.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD52B307-EA12-48FC-ACD5-01AEDED44A5D"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x1_firmware:2.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36F1D4E9-40BB-4BA6-9C44-5E06C8D98291"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x1_firmware:2.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF6EC374-64D2-4990-A4C4-86529CCF27C5"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x1_firmware:2.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAAA887F-7944-4C31-A191-0A39BC4E6544"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil\\/x1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A63E557-3BA6-4E0E-8597-BAA112B21DEF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:iij:seil\\/b1_firmware:2.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "488614FD-E4DF-4E6B-B928-444D98076F4A"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/b1_firmware:2.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6A638B5-5FBC-4193-879D-883CF2777200"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/b1_firmware:2.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCE84A44-AAB5-4D3F-ADE5-617E58B14E68"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/b1_firmware:2.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "507272EC-6B90-46DA-9E9A-EF5DCB770E7D"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/b1_firmware:2.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C74FA35-319D-4B10-868A-A6CFAD137978"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil\\/b1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BE3BBD4-FB2E-4543-9149-0452B26FAC31"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x2_firmware:2.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "416DCB14-271A-4578-9AE7-418C75ADC4C7"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x2_firmware:2.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEBFCE3F-FE95-4559-A972-5241D48CB902"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x2_firmware:2.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0064F721-57E1-4AC4-A3C3-92E05B64F0F2"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x2_firmware:2.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED8A76A3-9CD8-4A3C-BDD4-53407A92E527"
          },
          {
            "criteria": "cpe:2.3:a:iij:seil\\/x2_firmware:2.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "509DC30B-7D2F-43A7-9FD3-71FC405F520E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iij:seil\\/x2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF54D2DC-48BF-4E7D-BC33-1010B8DBF9E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References