mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
83 lines
2.4 KiB
JSON
83 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2009-3476",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "http://shibboleth.internet2.edu/secadv/secadv_20090826.txt",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://shibboleth.internet2.edu/secadv/secadv_20090826.txt"
|
|
},
|
|
{
|
|
"name" : "36514",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/36514"
|
|
},
|
|
{
|
|
"name" : "36869",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/36869"
|
|
},
|
|
{
|
|
"name" : "36870",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/36870"
|
|
},
|
|
{
|
|
"name" : "opensaml-xmltooling-url-bo(53471)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53471"
|
|
}
|
|
]
|
|
}
|
|
}
|