mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
100 lines
3.0 KiB
JSON
100 lines
3.0 KiB
JSON
{
|
|
"id": "CVE-2009-2415",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2009-08-10T18:30:00.327",
|
|
"lastModified": "2009-12-19T06:56:21.907",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples desbordamientos de entero en memcached v1.1.12 y v1.2.2 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores de ataque que involucran los atributos de longitud que provocan desbordamientos de b\u00fafer basados en memoria din\u00e1mica."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 10.0
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-189"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:memcachedb:memcached:1.1.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "84BF997C-79FB-41F3-A4F5-455652BB2015"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:memcachedb:memcached:1.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8789BF3-CA97-4DA2-99C4-53350CEEBB62"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://security.debian.org/pool/updates/main/m/memcached/memcached_1.1.12-1+etch1.diff.gz",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://security.debian.org/pool/updates/main/m/memcached/memcached_1.2.2-1+lenny1.diff.gz",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2009/dsa-1853",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/35989",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00836.html",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |