CVE-2009-5028

Published Nov 30, 2011

Last updated 8 years ago

CVSS info 7.5

Overview

Description: Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CFC363B-2848-4DB3-9C1C-BCB4D595B8E8",
            "versionEndIncluding": "2.0.19"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9"
          },
          {
            "criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References