CVE-2009-2411

HIGH

Description

Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

References

http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

http://osvdb.org/56856

http://secunia.com/advisories/36184

http://secunia.com/advisories/36224

http://secunia.com/advisories/36232

http://secunia.com/advisories/36257

http://secunia.com/advisories/36262

http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt

http://support.apple.com/kb/HT3937

http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES

http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES

http://svn.haxx.se/dev/archive-2009-08/0107.shtml

http://svn.haxx.se/dev/archive-2009-08/0108.shtml

http://svn.haxx.se/dev/archive-2009-08/0110.shtml

http://www.debian.org/security/2009/dsa-1855

http://www.mandriva.com/security/advisories?name=MDVSA-2009:199

http://www.redhat.com/support/errata/RHSA-2009-1203.html

http://www.securityfocus.com/bid/35983

http://www.securitytracker.com/id?1022697

http://www.ubuntu.com/usn/usn-812-1

http://www.vupen.com/english/advisories/2009/2180

http://www.vupen.com/english/advisories/2009/3184

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html

Details

Source: MITRE

Published: 2009-08-07

Updated: 2017-09-19

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 6.8

Severity: HIGH