Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-b4bz-7ttk-d3ae
Vulnerability ID VCID-b4bz-7ttk-d3ae
Aliases CVE-2009-2416
Summary Multiple Denial of Services vulnerabilities were found in libxml2.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3.1 6.5 http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
ssvc Track http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
cvssv3.1 6.5 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
ssvc Track http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
cvssv3.1 6.5 http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
ssvc Track http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
cvssv3.1 6.5 http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
ssvc Track http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
epss 0.00192 https://api.first.org/data/v1/epss?cve=CVE-2009-2416
cvssv3.1 6.5 https://bugzilla.redhat.com/show_bug.cgi?id=515205
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=515205
cvssv3.1 6.5 http://secunia.com/advisories/35036
ssvc Track http://secunia.com/advisories/35036
cvssv3.1 6.5 http://secunia.com/advisories/36207
ssvc Track http://secunia.com/advisories/36207
cvssv3.1 6.5 http://secunia.com/advisories/36338
ssvc Track http://secunia.com/advisories/36338
cvssv3.1 6.5 http://secunia.com/advisories/36417
ssvc Track http://secunia.com/advisories/36417
cvssv3.1 6.5 http://secunia.com/advisories/36631
ssvc Track http://secunia.com/advisories/36631
cvssv3.1 6.5 http://secunia.com/advisories/37346
ssvc Track http://secunia.com/advisories/37346
cvssv3.1 6.5 http://secunia.com/advisories/37471
ssvc Track http://secunia.com/advisories/37471
cvssv3.1 6.5 https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
ssvc Track https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
cvssv3.1 6.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
cvssv3.1 6.5 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
ssvc Track https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
cvssv3.1 6.5 http://support.apple.com/kb/HT3937
ssvc Track http://support.apple.com/kb/HT3937
cvssv3.1 6.5 http://support.apple.com/kb/HT3949
ssvc Track http://support.apple.com/kb/HT3949
cvssv3.1 6.5 http://support.apple.com/kb/HT4225
ssvc Track http://support.apple.com/kb/HT4225
cvssv3.1 6.5 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
ssvc Track https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
cvssv3.1 6.5 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
ssvc Track https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
cvssv3.1 6.5 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
ssvc Track https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
cvssv3.1 6.5 http://www.cert.fi/en/reports/2009/vulnerability2009085.html
ssvc Track http://www.cert.fi/en/reports/2009/vulnerability2009085.html
cvssv3.1 6.5 http://www.codenomicon.com/labs/xml/
ssvc Track http://www.codenomicon.com/labs/xml/
cvssv3.1 6.5 http://www.debian.org/security/2009/dsa-1859
ssvc Track http://www.debian.org/security/2009/dsa-1859
cvssv3.1 6.5 http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
ssvc Track http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
cvssv3.1 6.5 http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
ssvc Track http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
cvssv3.1 6.5 http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
ssvc Track http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
cvssv3.1 6.5 http://www.securityfocus.com/archive/1/507985/100/0/threaded
ssvc Track http://www.securityfocus.com/archive/1/507985/100/0/threaded
cvssv3.1 6.5 http://www.securityfocus.com/bid/36010
ssvc Track http://www.securityfocus.com/bid/36010
cvssv3.1 6.5 http://www.ubuntu.com/usn/USN-815-1
ssvc Track http://www.ubuntu.com/usn/USN-815-1
cvssv3.1 6.5 http://www.vmware.com/security/advisories/VMSA-2009-0016.html
ssvc Track http://www.vmware.com/security/advisories/VMSA-2009-0016.html
cvssv3.1 6.5 http://www.vupen.com/english/advisories/2009/2420
ssvc Track http://www.vupen.com/english/advisories/2009/2420
cvssv3.1 6.5 http://www.vupen.com/english/advisories/2009/3184
ssvc Track http://www.vupen.com/english/advisories/2009/3184
cvssv3.1 6.5 http://www.vupen.com/english/advisories/2009/3217
ssvc Track http://www.vupen.com/english/advisories/2009/3217
cvssv3.1 6.5 http://www.vupen.com/english/advisories/2009/3316
ssvc Track http://www.vupen.com/english/advisories/2009/3316
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2416.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416
2420 http://www.vupen.com/english/advisories/2009/2420
3217 http://www.vupen.com/english/advisories/2009/3217
35036 http://secunia.com/advisories/35036
36010 http://www.securityfocus.com/bid/36010
36207 http://secunia.com/advisories/36207
36338 http://secunia.com/advisories/36338
36417 http://secunia.com/advisories/36417
36631 http://secunia.com/advisories/36631
37346 http://secunia.com/advisories/37346
515205 https://bugzilla.redhat.com/show_bug.cgi?id=515205
540865 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865
CVE-2009-2414-2416.html http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
dsa-1859 http://www.debian.org/security/2009/dsa-1859
GLSA-201009-07 https://security.gentoo.org/glsa/201009-07
HT3949 http://support.apple.com/kb/HT3949
?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
msg00001.html http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
msg00537.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
msg00547.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
msg00642.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
msg678527.html http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
oval%3Aorg.mitre.oval%3Adef%3A7783 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
oval%3Aorg.mitre.oval%3Adef%3A9262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
RHSA-2009:1206 https://access.redhat.com/errata/RHSA-2009:1206
stable-update-security-fixes.html http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
USN-815-1 https://usn.ubuntu.com/815-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=515205
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=515205
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/35036
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/35036
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/36207
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/36207
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/36338
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/36338
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/36417
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/36417
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/36631
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/36631
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/37346
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/37346
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://secunia.com/advisories/37471
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://secunia.com/advisories/37471
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://support.apple.com/kb/HT3937
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://support.apple.com/kb/HT3937
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://support.apple.com/kb/HT3949
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://support.apple.com/kb/HT3949
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://support.apple.com/kb/HT4225
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://support.apple.com/kb/HT4225
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.cert.fi/en/reports/2009/vulnerability2009085.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.cert.fi/en/reports/2009/vulnerability2009085.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.codenomicon.com/labs/xml/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.codenomicon.com/labs/xml/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2009/dsa-1859
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.debian.org/security/2009/dsa-1859
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.securityfocus.com/archive/1/507985/100/0/threaded
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.securityfocus.com/archive/1/507985/100/0/threaded
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.securityfocus.com/bid/36010
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.securityfocus.com/bid/36010
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.ubuntu.com/usn/USN-815-1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.ubuntu.com/usn/USN-815-1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.vupen.com/english/advisories/2009/2420
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.vupen.com/english/advisories/2009/2420
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.vupen.com/english/advisories/2009/3184
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.vupen.com/english/advisories/2009/3184
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.vupen.com/english/advisories/2009/3217
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.vupen.com/english/advisories/2009/3217
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.vupen.com/english/advisories/2009/3316
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/ Found at http://www.vupen.com/english/advisories/2009/3316
Exploit Prediction Scoring System (EPSS)
Percentile 0.41094
EPSS Score 0.00192
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:04:32.248218+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201009-07 38.0.0