CVE-2009-1490
published 2009-05-05CVE-2009-1490: Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code…
medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Affected
56 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | sendmail | < sendmail 8.13.2-0 (bookworm) | sendmail 8.13.2-0 (bookworm) |
| sendmail | sendmail | <= 8.13.1.2 | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
| sendmail | sendmail | — | — |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM