Search for vulnerabilities
Vulnerability details: VCID-3u38-gjfq-aaaa
Vulnerability ID VCID-3u38-gjfq-aaaa
Aliases CVE-2009-1391
Summary Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
Status Published
Exploitability 2.0
Weighted Severity 6.1
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
cvssv3.1 4.2 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.19404 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
epss 0.20161 https://api.first.org/data/v1/epss?cve=CVE-2009-1391
cvssv3.1 4.2 http://secunia.com/advisories/35685
generic_textual MODERATE http://secunia.com/advisories/35685
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2009-1391
Reference id Reference type URL
http://article.gmane.org/gmane.mail.virus.amavis.user/33635
http://article.gmane.org/gmane.mail.virus.amavis.user/33638
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://osvdb.org/55041
https://api.first.org/data/v1/epss?cve=CVE-2009-1391
https://bugs.gentoo.org/show_bug.cgi?id=273141
https://bugzilla.redhat.com/show_bug.cgi?id=504386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1391
http://secunia.com/advisories/35422
http://secunia.com/advisories/35685
http://secunia.com/advisories/35689
http://secunia.com/advisories/35876
http://security.gentoo.org/glsa/glsa-200908-07.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/51062
https://usn.ubuntu.com/794-1/
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00607.html
http://thread.gmane.org/gmane.mail.virus.amavis.user/33635
http://www.mandriva.com/security/advisories?name=MDVSA-2009:157
http://www.securityfocus.com/bid/35307
http://www.vupen.com/english/advisories/2009/1571
532736 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532736
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:*:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.001:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.001:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.002:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.002:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.003:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.003:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.004:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.004:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.005:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.005:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.006:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.006:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.008:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.008:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.009:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.009:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.010:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.010:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.011:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.011:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.012:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.012:*:*:*:*:*:*:*
cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.014:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:paul_marquess:compress-raw-zlib_perl_module:2.014:*:*:*:*:*:*:*
CVE-2009-1391 https://nvd.nist.gov/vuln/detail/CVE-2009-1391
CVE-2009-1391;OSVDB-55041 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33032.txt
CVE-2009-1391;OSVDB-55041 Exploit https://www.securityfocus.com/bid/35307/info
GLSA-200908-07 https://security.gentoo.org/glsa/200908-07
Data source Exploit-DB
Date added May 11, 2009
Description Compress::Raw::Zlib Perl Module - Remote Code Execution
Ransomware campaign use Known
Source publication date May 11, 2009
Exploit type remote
Platform linux
Source update date April 27, 2014
Source URL https://www.securityfocus.com/bid/35307/info
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/35685
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2009-1391
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.77486
EPSS Score 0.00558
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.