Vulnerability Details : CVE-2009-3619
Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 has unknown impact and remote attack vectors related to "printing illegal parameter names and values."
Exploit prediction scoring system (EPSS) score for CVE-2009-3619
Probability of exploitation activity in the next 30 days: 0.52%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 74 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-3619
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2009-3619
-
http://www.vupen.com/english/advisories/2009/2257
Patch;Vendor Advisory
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00566.html
- http://www.openwall.com/lists/oss-security/2009/10/16/10
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00557.html
-
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:017 - openSUSE Security Announce - openSUSE Mailing Lists
- http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.2/CHANGES?revision=2235&pathrev=HEAD
Products affected by CVE-2009-3619
- cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*