Search for vulnerabilities
Vulnerability details: VCID-s9cb-mseu-aaam
Vulnerability ID VCID-s9cb-mseu-aaam
Aliases CVE-2009-3384
Summary Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2009:1530
rhas Critical https://access.redhat.com/errata/RHSA-2009:1531
rhas Moderate https://access.redhat.com/errata/RHSA-2010:0153
rhas Moderate https://access.redhat.com/errata/RHSA-2010:0154
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.01257 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2009-3384
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=530164
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2009-3384
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html
http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://osvdb.org/59943
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3384.json
https://api.first.org/data/v1/epss?cve=CVE-2009-3384
https://bugzilla.redhat.com/show_bug.cgi?id=525788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384
http://secunia.com/advisories/37346
http://secunia.com/advisories/37393
http://secunia.com/advisories/37397
http://secunia.com/advisories/43068
https://exchange.xforce.ibmcloud.com/vulnerabilities/54241
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6362
http://support.apple.com/kb/HT3949
http://support.apple.com/kb/HT4013
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00545.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00549.html
http://www.securityfocus.com/bid/36995
http://www.securitytracker.com/id?1023166
http://www.vupen.com/english/advisories/2009/3217
http://www.vupen.com/english/advisories/2011/0212
530164 https://bugzilla.redhat.com/show_bug.cgi?id=530164
559759 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559759
CVE-2009-3384 https://nvd.nist.gov/vuln/detail/CVE-2009-3384
RHSA-2009:1530 https://access.redhat.com/errata/RHSA-2009:1530
RHSA-2009:1531 https://access.redhat.com/errata/RHSA-2009:1531
RHSA-2010:0153 https://access.redhat.com/errata/RHSA-2010:0153
RHSA-2010:0154 https://access.redhat.com/errata/RHSA-2010:0154
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2009-3384
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.64999
EPSS Score 0.00245
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.