Lucene search

[email protected]CVE-2009-1352

HistoryApr 21, 2009 - 4:24 p.m.

CVE-2009-1352

2009-04-2116:24:52

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1352

buffer overflow

powerchm

denial of service

remote attackers

html

arbitrary code

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.7%

JSON

Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL.

Affected configurations

NVD

Node

dawningsoftpowerchmMatch5.7

CPENameOperatorVersion
dawningsoft:powerchmdawningsoft powerchmeq5.7

CPE	Name	Operator	Version
dawningsoft:powerchm	dawningsoft powerchm	eq	5.7

References

www.securityfocus.com/bid/34517

exchange.xforce.ibmcloud.com/vulnerabilities/49882

www.exploit-db.com/exploits/8434

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2009-1352

prion1 nvd1 cvelist1