Security Vulnerabilities, CVEs, Published In December 2009
CVE-2009-4502
Public exploit
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses.
Max CVSS
9.3
EPSS Score
91.33%
Published
2009-12-31
Updated
2010-01-01
CVE-2009-4498
Public exploit
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.
Max CVSS
6.8
EPSS Score
60.42%
Published
2009-12-31
Updated
2010-05-25
CVE-2009-4484
Public exploit
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
Max CVSS
7.5
EPSS Score
97.21%
Published
2009-12-30
Updated
2023-02-14
CVE-2009-4324
Known exploited
Public exploit
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
Max CVSS
9.3
EPSS Score
97.04%
Published
2009-12-15
Updated
2018-10-30
CISA KEV Added
2022-06-08
CVE-2009-4265
Public exploit
Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.
Max CVSS
9.3
EPSS Score
94.04%
Published
2009-12-10
Updated
2009-12-11
CVE-2009-4225
Public exploit
Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.
Max CVSS
9.3
EPSS Score
94.42%
Published
2009-12-08
Updated
2021-04-09
CVE-2009-4195
Public exploit
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
97.20%
Published
2009-12-04
Updated
2018-10-10
CVE-2009-4189
Public exploit
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3099 and CVE-2009-3843.
Max CVSS
10.0
EPSS Score
0.43%
Published
2009-12-03
Updated
2009-12-04
CVE-2009-4188
Public exploit
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
Max CVSS
10.0
EPSS Score
2.55%
Published
2009-12-03
Updated
2009-12-04
CVE-2009-4179
Public exploit
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
Max CVSS
10.0
EPSS Score
95.16%
Published
2009-12-10
Updated
2018-10-10
CVE-2009-4178
Public exploit
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
Max CVSS
10.0
EPSS Score
96.49%
Published
2009-12-10
Updated
2018-10-10
CVE-2009-4147
Public exploit
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setguid program with a modified variable containing an untrusted search path that points to a Trojan horse library, different vectors than CVE-2009-4146.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-12-02
Updated
2019-05-22
CVE-2009-4146
Public exploit
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LD_PRELOAD variable containing an untrusted search path that points to a Trojan horse library, a different vector than CVE-2009-4147.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-12-02
Updated
2019-05-22
CVE-2009-4140
Public exploit
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
Max CVSS
7.5
EPSS Score
97.28%
Published
2009-12-22
Updated
2019-11-21
CVE-2009-3849
Public exploit
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
Max CVSS
10.0
EPSS Score
96.67%
Published
2009-12-10
Updated
2018-10-10
CVE-2009-3844
Public exploit
Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.
Max CVSS
10.0
EPSS Score
96.35%
Published
2009-12-08
Updated
2018-10-10
CVE-2009-3672
Public exploit
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName method for the STYLE tag name, selection of the single element in the returned list, and a change to the outerHTML property of this element, related to Cascading Style Sheets (CSS) and mshtml.dll, aka "HTML Object Memory Corruption Vulnerability." NOTE: some of these details are obtained from third party information. NOTE: this issue was originally assigned CVE-2009-4054, but Microsoft assigned a duplicate identifier of CVE-2009-3672. CVE consumers should use this identifier instead of CVE-2009-4054.
Max CVSS
9.3
EPSS Score
71.60%
Published
2009-12-02
Updated
2023-12-07
CVE-2009-3563
Public exploit
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Max CVSS
6.4
EPSS Score
96.32%
Published
2009-12-09
Updated
2017-09-19
CVE-2009-1569
Public exploit
Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.
Max CVSS
9.3
EPSS Score
94.60%
Published
2009-12-08
Updated
2018-10-10
CVE-2009-1568
Public exploit
Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter.
Max CVSS
9.3
EPSS Score
94.32%
Published
2009-12-08
Updated
2018-10-10
CVE-2007-2280
Public exploit
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
Max CVSS
10.0
EPSS Score
96.10%
Published
2009-12-18
Updated
2009-12-23
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.
Max CVSS
5.0
EPSS Score
2.10%
Published
2009-12-31
Updated
2010-01-04
Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.12%
Published
2009-12-31
Updated
2010-01-04
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.54%
Published
2009-12-31
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label.
Max CVSS
3.5
EPSS Score
0.11%
Published
2009-12-31
Updated
2017-08-17