Vulnerability Details CVE-2009-0912
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.6%
CVSS Severity
CVSS v2 Score 7.2
References
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:072
- http://www.securityfocus.com/bid/34089
- http://www.vupen.com/english/advisories/2009/0688
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49220
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:072
- http://www.securityfocus.com/bid/34089
- http://www.vupen.com/english/advisories/2009/0688
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49220
Products affected by CVE-2009-0912
-
cpe:2.3:a:mandriva:multi_network_firewall:2.0
-
cpe:2.3:o:mandriva:linux:2008.0
-
cpe:2.3:o:mandriva:linux:2008.1
-
cpe:2.3:o:mandriva:linux:2009.0
-
cpe:2.3:o:mandriva:linux_corporate_server:3.0
-
cpe:2.3:o:mandriva:linux_corporate_server:4.0