CVE-2009-0270

2009-01-2619:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-0270

buffer overflow

pxeservice.exe

fujitsu systemcastwizard lite

remote code execution

udp protocol

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

Low

EPSS

0.288

Percentile

96.9%

JSON

Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet.

Affected configurations

Nvd

Node

fujitsusystemcastwizard_liteRange≤2.0a

fujitsusystemcastwizard_liteMatch1.7

fujitsusystemcastwizard_liteMatch1.8

fujitsusystemcastwizard_liteMatch1.8a

fujitsusystemcastwizard_liteMatch1.9

fujitsusystemcastwizard_liteMatch2.0

VendorProductVersionCPE
fujitsusystemcastwizard_lite*cpe:2.3:a:fujitsu:systemcastwizard_lite:*:*:*:*:*:*:*:*
fujitsusystemcastwizard_lite1.7cpe:2.3:a:fujitsu:systemcastwizard_lite:1.7:*:*:*:*:*:*:*
fujitsusystemcastwizard_lite1.8cpe:2.3:a:fujitsu:systemcastwizard_lite:1.8:*:*:*:*:*:*:*
fujitsusystemcastwizard_lite1.8acpe:2.3:a:fujitsu:systemcastwizard_lite:1.8a:*:*:*:*:*:*:*
fujitsusystemcastwizard_lite1.9cpe:2.3:a:fujitsu:systemcastwizard_lite:1.9:*:*:*:*:*:*:*
fujitsusystemcastwizard_lite2.0cpe:2.3:a:fujitsu:systemcastwizard_lite:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fujitsu	systemcastwizard_lite	*	cpe:2.3:a:fujitsu:systemcastwizard_lite::::::::
fujitsu	systemcastwizard_lite	1.7	cpe:2.3:a:fujitsu:systemcastwizard_lite:1.7:::::::*
fujitsu	systemcastwizard_lite	1.8	cpe:2.3:a:fujitsu:systemcastwizard_lite:1.8:::::::*
fujitsu	systemcastwizard_lite	1.8a	cpe:2.3:a:fujitsu:systemcastwizard_lite:1.8a:::::::*
fujitsu	systemcastwizard_lite	1.9	cpe:2.3:a:fujitsu:systemcastwizard_lite:1.9:::::::*
fujitsu	systemcastwizard_lite	2.0	cpe:2.3:a:fujitsu:systemcastwizard_lite:2.0:::::::*