CVE-2009-0912
NONE EPSS 29.5%
Published Mar 16, 200917y ago · Modified Jun 16, 20262w ago
Published Mar 16, 2009 17y ago
Last Modified Jun 16, 2026 2w ago
Description
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
29.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 11
| Vendor | Product | Version | Range |
|---|---|---|---|
| mandriva | multi_network_firewall | 2.0 | any |
| mandriva | linux | 2008.0 | any |
| mandriva | linux | 2008.0 | any |
| mandriva | linux | 2008.1 | any |
| mandriva | linux | 2008.1 | any |
| mandriva | linux | 2009.0 | any |
| mandriva | linux | 2009.0 | any |
| mandriva | linux_corporate_server | 3.0 | any |
| mandriva | linux_corporate_server | 3.0 | any |
| mandriva | linux_corporate_server | 4.0 | any |
| mandriva | linux_corporate_server | 4.0 | any |
References 4
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2009:072
- securityfocus.com http://www.securityfocus.com/bid/34089
- vupen.com http://www.vupen.com/english/advisories/2009/0688
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/49220
Remediation
- securityfocus.com http://www.securityfocus.com/bid/34089