CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2286

Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.083

EPSS Ranking 91.8%

CVSS Severity

CVSS v2 Score 4.3

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973
http://www.openwall.com/lists/oss-security/2009/06/29/2
http://www.openwall.com/lists/oss-security/2009/06/29/4
http://www.openwall.com/lists/oss-security/2009/07/03/1
http://www.securityfocus.com/bid/35863
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973
http://www.openwall.com/lists/oss-security/2009/06/29/2
http://www.openwall.com/lists/oss-security/2009/06/29/4
http://www.openwall.com/lists/oss-security/2009/07/03/1
http://www.securityfocus.com/bid/35863

Products affected by CVE-2009-2286

James Ashton » Compface » Version: Any

cpe:2.3:a:james_ashton:compface:*
James Ashton » Compface » Version: 1.4

cpe:2.3:a:james_ashton:compface:1.4
James Ashton » Compface » Version: 1.5

cpe:2.3:a:james_ashton:compface:1.5
James Ashton » Compface » Version: 1.5.1

cpe:2.3:a:james_ashton:compface:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2286

Products

Pricing

Contact Us