certfr_avis - certa-2010-avi-013

CERTA-2010-AVI-013

Vulnerability from certfr_avis

Une vulnérabilité dans MIT Kerberos permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Une erreur dans les opérations de déchiffrement AES et RC4 de la bibliothèque cryptographique de MIT Kerberos permet à une personne distante malintentionnée d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

MIT Kerberos version 1.3 et postérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CVE-2009-4212 (GCVE-0-2009-4212)

Vulnerability from cvelistv5

Published

2010-01-13 19:00

Modified

2024-08-07 06:54

Severity ?

CWE

Summary

Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.

References

URL

Tags

	http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/38140	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0096	vdb-entry, x_refsource_VUPEN
	http://support.avaya.com/css/P8/documents/100074869	x_refsource_CONFIRM
	http://secunia.com/advisories/38126	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2010/dsa-1969	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2010/1481	vdb-entry, x_refsource_VUPEN
	http://ubuntu.com/usn/usn-881-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=130497213107107&w=2	vendor-advisory, x_refsource_HP
	http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html	vendor-advisory, x_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:006	vendor-advisory, x_refsource_MANDRIVA
	http://www.securitytracker.com/id?1023440	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/38080	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1	vendor-advisory, x_refsource_SUNALERT
	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1	vendor-advisory, x_refsource_SUNALERT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/38203	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=545015	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html	vendor-advisory, x_refsource_FEDORA
	http://support.apple.com/kb/HT4188	x_refsource_CONFIRM
	http://secunia.com/advisories/40220	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/38108	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/37749	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272	vdb-entry, signature, x_refsource_OVAL
	https://rhn.redhat.com/errata/RHSA-2010-0029.html	vendor-advisory, x_refsource_REDHAT
	https://rhn.redhat.com/errata/RHSA-2010-0095.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/38696	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0129	vdb-entry, x_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=130497213107107&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/38184	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:10.078Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2010-06-15-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
          },
          {
            "name": "38140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38140"
          },
          {
            "name": "ADV-2010-0096",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0096"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/css/P8/documents/100074869"
          },
          {
            "name": "38126",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38126"
          },
          {
            "name": "DSA-1969",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-1969"
          },
          {
            "name": "ADV-2010-1481",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1481"
          },
          {
            "name": "USN-881-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-881-1"
          },
          {
            "name": "SSRT100495",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt"
          },
          {
            "name": "FEDORA-2010-0503",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html"
          },
          {
            "name": "MDVSA-2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006"
          },
          {
            "name": "1023440",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023440"
          },
          {
            "name": "38080",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38080"
          },
          {
            "name": "275530",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1"
          },
          {
            "name": "1021779",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1"
          },
          {
            "name": "oval:org.mitre.oval:def:8192",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192"
          },
          {
            "name": "38203",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38203"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=545015"
          },
          {
            "name": "FEDORA-2010-0515",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4188"
          },
          {
            "name": "40220",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40220"
          },
          {
            "name": "38108",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38108"
          },
          {
            "name": "37749",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37749"
          },
          {
            "name": "oval:org.mitre.oval:def:11272",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272"
          },
          {
            "name": "RHSA-2010:0029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0029.html"
          },
          {
            "name": "RHSA-2010:0095",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
          },
          {
            "name": "oval:org.mitre.oval:def:7357",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357"
          },
          {
            "name": "38696",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38696"
          },
          {
            "name": "ADV-2010-0129",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0129"
          },
          {
            "name": "HPSBOV02682",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
          },
          {
            "name": "38184",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38184"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "APPLE-SA-2010-06-15-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
        },
        {
          "name": "38140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38140"
        },
        {
          "name": "ADV-2010-0096",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0096"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/css/P8/documents/100074869"
        },
        {
          "name": "38126",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38126"
        },
        {
          "name": "DSA-1969",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-1969"
        },
        {
          "name": "ADV-2010-1481",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1481"
        },
        {
          "name": "USN-881-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-881-1"
        },
        {
          "name": "SSRT100495",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt"
        },
        {
          "name": "FEDORA-2010-0503",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html"
        },
        {
          "name": "MDVSA-2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006"
        },
        {
          "name": "1023440",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023440"
        },
        {
          "name": "38080",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38080"
        },
        {
          "name": "275530",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1"
        },
        {
          "name": "1021779",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1"
        },
        {
          "name": "oval:org.mitre.oval:def:8192",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192"
        },
        {
          "name": "38203",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38203"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=545015"
        },
        {
          "name": "FEDORA-2010-0515",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4188"
        },
        {
          "name": "40220",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40220"
        },
        {
          "name": "38108",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38108"
        },
        {
          "name": "37749",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37749"
        },
        {
          "name": "oval:org.mitre.oval:def:11272",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272"
        },
        {
          "name": "RHSA-2010:0029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0029.html"
        },
        {
          "name": "RHSA-2010:0095",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
        },
        {
          "name": "oval:org.mitre.oval:def:7357",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357"
        },
        {
          "name": "38696",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38696"
        },
        {
          "name": "ADV-2010-0129",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0129"
        },
        {
          "name": "HPSBOV02682",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
        },
        {
          "name": "38184",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38184"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4212",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2010-06-15-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
            },
            {
              "name": "38140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38140"
            },
            {
              "name": "ADV-2010-0096",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0096"
            },
            {
              "name": "http://support.avaya.com/css/P8/documents/100074869",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/css/P8/documents/100074869"
            },
            {
              "name": "38126",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38126"
            },
            {
              "name": "DSA-1969",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2010/dsa-1969"
            },
            {
              "name": "ADV-2010-1481",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1481"
            },
            {
              "name": "USN-881-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-881-1"
            },
            {
              "name": "SSRT100495",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
            },
            {
              "name": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt",
              "refsource": "CONFIRM",
              "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-004.txt"
            },
            {
              "name": "FEDORA-2010-0503",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html"
            },
            {
              "name": "MDVSA-2010:006",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:006"
            },
            {
              "name": "1023440",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023440"
            },
            {
              "name": "38080",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38080"
            },
            {
              "name": "275530",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1"
            },
            {
              "name": "1021779",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1"
            },
            {
              "name": "oval:org.mitre.oval:def:8192",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192"
            },
            {
              "name": "38203",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38203"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=545015",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=545015"
            },
            {
              "name": "FEDORA-2010-0515",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4188",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4188"
            },
            {
              "name": "40220",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40220"
            },
            {
              "name": "38108",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38108"
            },
            {
              "name": "37749",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37749"
            },
            {
              "name": "oval:org.mitre.oval:def:11272",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272"
            },
            {
              "name": "RHSA-2010:0029",
              "refsource": "REDHAT",
              "url": "https://rhn.redhat.com/errata/RHSA-2010-0029.html"
            },
            {
              "name": "RHSA-2010:0095",
              "refsource": "REDHAT",
              "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
            },
            {
              "name": "oval:org.mitre.oval:def:7357",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357"
            },
            {
              "name": "38696",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38696"
            },
            {
              "name": "ADV-2010-0129",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0129"
            },
            {
              "name": "HPSBOV02682",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=130497213107107\u0026w=2"
            },
            {
              "name": "38184",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38184"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4212",
    "datePublished": "2010-01-13T19:00:00",
    "dateReserved": "2009-12-04T00:00:00",
    "dateUpdated": "2024-08-07T06:54:10.078Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted