Vulnerability Details CVE-2009-2483
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.5%
CVSS Severity
CVSS v2 Score 4.9
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc
- http://osvdb.org/55285
- http://secunia.com/advisories/35556
- http://www.securityfocus.com/bid/35466
- http://www.securitytracker.com/id?1022431
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51311
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc
- http://osvdb.org/55285
- http://secunia.com/advisories/35556
- http://www.securityfocus.com/bid/35466
- http://www.securitytracker.com/id?1022431
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51311