Search for vulnerabilities
Vulnerability details: VCID-us96-4dyu-aaad
Vulnerability ID VCID-us96-4dyu-aaad
Aliases CVE-2009-2412
Summary Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-190 Integer Overflow or Wraparound
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1204
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1205
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1462
rhas Moderate https://access.redhat.com/errata/RHSA-2010:0602
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.05557 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.09039 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.11242 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.12028 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.12028 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
epss 0.14824 https://api.first.org/data/v1/epss?cve=CVE-2009-2412
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=515698
apache_httpd low https://httpd.apache.org/security/json/CVE-2009-2412.json
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2009-2412
generic_textual MODERATE http://www.vupen.com/english/advisories/2010/1107
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
http://osvdb.org/56765
http://osvdb.org/56766
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
http://secunia.com/advisories/36138
http://secunia.com/advisories/36140
http://secunia.com/advisories/36166
http://secunia.com/advisories/36233
http://secunia.com/advisories/37152
http://secunia.com/advisories/37221
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8394
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9958
http://support.apple.com/kb/HT3937
http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?revision=800733&view=markup
http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356&r2=800733
http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?revision=800732&view=markup
http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140&r2=800732
http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/CHANGES?revision=800736&view=markup
http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441&r2=800736
http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?revision=800735&view=markup
http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687&r2=800735
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00320.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00353.html
http://www-01.ibm.com/support/docview.wss?uid=swg1PK93225
http://www-01.ibm.com/support/docview.wss?uid=swg1PK99482
http://www.mandriva.com/security/advisories?name=MDVSA-2009:195
http://www.securityfocus.com/bid/35949
http://www.ubuntu.com/usn/usn-813-2
http://www.vupen.com/english/advisories/2009/3184
http://www.vupen.com/english/advisories/2010/1107
515698 https://bugzilla.redhat.com/show_bug.cgi?id=515698
cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.2-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.3-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.7-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.4-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.6-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.16-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.16-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.2-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.2-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.3-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.3-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.7-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.7-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.4-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.4-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.6-dev:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.6-dev:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:*
CVE-2009-2412 https://httpd.apache.org/security/json/CVE-2009-2412.json
CVE-2009-2412 https://nvd.nist.gov/vuln/detail/CVE-2009-2412
GLSA-200909-03 https://security.gentoo.org/glsa/200909-03
RHSA-2009:1204 https://access.redhat.com/errata/RHSA-2009:1204
RHSA-2009:1205 https://access.redhat.com/errata/RHSA-2009:1205
RHSA-2009:1462 https://access.redhat.com/errata/RHSA-2009:1462
RHSA-2010:0602 https://access.redhat.com/errata/RHSA-2010:0602
USN-813-1 https://usn.ubuntu.com/813-1/
USN-813-2 https://usn.ubuntu.com/813-2/
USN-813-3 https://usn.ubuntu.com/813-3/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2009-2412
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.89332
EPSS Score 0.05557
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.