CVE-2009-1499
Published 2009-05-01
Priority P3 · 43 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.84% (76.3th percentile)
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
No detection rules found.
Bugzilla
CVE-2009-2981 acroread: Trust Manager restrictions bypass fixed in 8.1.7 (APSB09-15)
bugzilla·2009-10-13·CVSS 9.3 [CRITICAL]
Adobe has published a security bulletin APSB09-15 for a security issue
leading to bypass of intended security restrictions, addressed in
Adobe Reader and Acrobat products:
http://www.adobe.com/support/security/bulletins/apsb09-15.html
Quoting Adobe bulletin APSB09-15 for issue descriptions:
This update resolves an input validation issue that could potentially
lead to a bypass of Trust Manager restrictions (CVE-2009-2981).
Discussion:
This issue has been addressed in the following products:
Extras for RHEL 3
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1499 https://rhn.redhat.com/errata/RHSA-2009-1499.html
Bugzilla
CVE-2009-3459 acroread: heap overflow fix in version 8.1.7 (APSB09-15)
bugzilla·2009-10-08·CVSS 9.3 [CRITICAL]
Adobe has published a security bulletin APSB09-15 for a heap overflow issue,
leading to arbitrary code execution, addressed in Adobe Reader and Acrobat
products:
http://www.adobe.com/support/security/bulletins/apsb09-15.html
Quoting Adobe bulletin APSB09-15 for issue descriptions:
This update resolves a heap overflow vulnerability that could lead
to code execution (CVE-2009-3459).
Discussion:
This issue has been addressed in the following products:
Extras for RHEL 3
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1499 https://rhn.redhat.com/errata/RHSA-2009-1499.html