Vulnerability Details CVE-2009-0282
Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.142
EPSS Ranking 94.1%
CVSS Severity
CVSS v2 Score 9.3
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512995
- http://secunia.com/advisories/33592
- http://secunia.com/advisories/33699
- http://secunia.com/advisories/35743
- http://security.gentoo.org/glsa/glsa-200907-08.xml
- http://www.debian.org/security/2009/dsa-1712
- http://www.debian.org/security/2009/dsa-1713
- http://www.debian.org/security/2009/dsa-1714
- http://www.securityfocus.com/archive/1/500168/100/0/threaded
- http://www.securityfocus.com/bid/33340
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512995
- http://secunia.com/advisories/33592
- http://secunia.com/advisories/33699
- http://secunia.com/advisories/35743
- http://security.gentoo.org/glsa/glsa-200907-08.xml
- http://www.debian.org/security/2009/dsa-1712
- http://www.debian.org/security/2009/dsa-1713
- http://www.debian.org/security/2009/dsa-1714
- http://www.securityfocus.com/archive/1/500168/100/0/threaded
- http://www.securityfocus.com/bid/33340
Products affected by CVE-2009-0282
-
cpe:2.3:h:ralinktech:rt73:3.08
-
cpe:2.3:o:microsoft:windows_2000:-