CVE-2009-1515
published 2009-05-04CVE-2009-1515: Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| christos_zoulas | file | — | — |
| debian | file | < file 5.02-1 (bookworm) | file 5.02-1 (bookworm) |
| debian | file | < file 5.03-1 (bookworm) | file 5.03-1 (bookworm) |
| file_project | file | >= 0 < 5.03-1 | 5.03-1 |
| file_project | file | >= 0 < 5.02-1 | 5.02-1 |
| file_project | file | >= 0 < 5.03-1 | 5.03-1 |
| file_project | file | >= 0 < 5.02-1 | 5.02-1 |
| file_project | file | >= 0 < 5.03-1 | 5.03-1 |
| file_project | file | >= 0 < 5.02-1 | 5.02-1 |
| file_project | file | >= 0 < 5.03-1 | 5.03-1 |
| file_project | file | >= 0 < 5.02-1 | 5.02-1 |
| linux | linux_kernel | < 6.12.65 | 6.12.65 |
| linux | linux_kernel | >= 0 < 6.1.160 | 6.1.160 |
| linux | linux_kernel | >= 6.2.0 < 6.6.120 | 6.6.120 |
| linux | linux_kernel | >= 6.7.0 < 6.18.4 | 6.18.4 |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM