CVE-2009-1490 - Vulnerability Details

Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sendmail	Sendmail

Configuration 1 [-]

OR	cpe:2.3:a:sendmail:sendmail::::::::
	cpe:2.3:a:sendmail:sendmail:2.6:::::::*
	cpe:2.3:a:sendmail:sendmail:2.6::nt:::::
	cpe:2.3:a:sendmail:sendmail:2.6.1:::::::*
	cpe:2.3:a:sendmail:sendmail:2.6.1::nt:::::
	cpe:2.3:a:sendmail:sendmail:2.6.2:::::::*
	cpe:2.3:a:sendmail:sendmail:3.0:::::::*
	cpe:2.3:a:sendmail:sendmail:3.0::nt:::::
	cpe:2.3:a:sendmail:sendmail:3.0.1:::::::*
	cpe:2.3:a:sendmail:sendmail:3.0.1::nt:::::
	cpe:2.3:a:sendmail:sendmail:3.0.2:::::::*
	cpe:2.3:a:sendmail:sendmail:3.0.2::nt:::::
	cpe:2.3:a:sendmail:sendmail:3.0.3:::::::*
	cpe:2.3:a:sendmail:sendmail:4.1:::::::*
	cpe:2.3:a:sendmail:sendmail:4.55:::::::*
	cpe:2.3:a:sendmail:sendmail:5:::::::*
	cpe:2.3:a:sendmail:sendmail:5.59:::::::*
	cpe:2.3:a:sendmail:sendmail:5.61:::::::*
	cpe:2.3:a:sendmail:sendmail:5.65:::::::*
	cpe:2.3:a:sendmail:sendmail:8.6.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.7.6:::::::*
	cpe:2.3:a:sendmail:sendmail:8.7.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.7.8:::::::*
	cpe:2.3:a:sendmail:sendmail:8.7.9:::::::*
	cpe:2.3:a:sendmail:sendmail:8.7.10:::::::*
	cpe:2.3:a:sendmail:sendmail:8.8.8:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.5:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.6:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12:beta10::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta12::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta16::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta5::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta7::::::
	cpe:2.3:a:sendmail:sendmail:8.12.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.5:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.6:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.8:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.9:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.10:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.11:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.0:::::::*

No data.

References

Link	Providers
http://www.nmrc.org/~thegnome/blog/apr09/
http://www.sendmail.org/releases/8.13.2
https://exchange.xforce.ibmcloud.com/vulnerabilities/50355
https://nvd.nist.gov/vuln/detail/CVE-2009-1490
https://www.cve.org/CVERecord?id=CVE-2009-1490

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-05-05T19:00:00

Updated: 2024-08-07T05:13:25.560Z

Reserved: 2009-04-30T00:00:00

Link: CVE-2009-1490

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-05-05T19:30:00.170

Modified: 2024-11-21T01:02:35.073

Link: CVE-2009-1490

Redhat

Severity :

Publid Date: 2009-04-30T00:00:00Z

Links: CVE-2009-1490 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-27T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.sendmail.org/releases/8.13.2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.nmrc.org/~thegnome/blog/apr09/"}, {"name": "sendmail-xheader-bo(50355)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1490", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.sendmail.org/releases/8.13.2", "refsource": "CONFIRM", "url": "http://www.sendmail.org/releases/8.13.2"}, {"name": "http://www.nmrc.org/~thegnome/blog/apr09/", "refsource": "MISC", "url": "http://www.nmrc.org/~thegnome/blog/apr09/"}, {"name": "sendmail-xheader-bo(50355)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:13:25.560Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.sendmail.org/releases/8.13.2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.nmrc.org/~thegnome/blog/apr09/"}, {"name": "sendmail-xheader-bo(50355)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1490", "datePublished": "2009-05-05T19:00:00", "dateReserved": "2009-04-30T00:00:00", "dateUpdated": "2024-08-07T05:13:25.560Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*", "matchCriteriaId": "2820FDAE-AA3F-4452-933C-62B4F174D941", "versionEndIncluding": "8.13.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:nt:*:*:*:*:*", "matchCriteriaId": "3300A5FC-69D9-4F19-AB0E-0273F5ECF45C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:nt:*:*:*:*:*", "matchCriteriaId": "EC340D43-0E4D-4365-A604-9DDF3BD62039", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:nt:*:*:*:*:*", "matchCriteriaId": "E43CBCA0-47B1-4992-A636-A0BF4441B91A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:nt:*:*:*:*:*", "matchCriteriaId": "2FA4711B-319B-4410-A1B5-C6D8C4B1EC68", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:nt:*:*:*:*:*", "matchCriteriaId": "F4981D22-AA6B-4901-95BA-F1BB893828B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE4E6D5E-BD37-4F8E-962C-0438C62BEF72", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:4.55:*:*:*:*:*:*:*", "matchCriteriaId": "111C0FC5-A199-44CA-9512-9E6B12514E42", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:5:*:*:*:*:*:*:*", "matchCriteriaId": "7AFADCBA-DB24-451F-9E1D-FBBEE41C5D52", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*", "matchCriteriaId": "5DFC5B8B-9102-46A9-9BD3-5CC0B671383F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*", "matchCriteriaId": "51BC02ED-17B1-44B3-97DB-F626A2BD2524", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*", "matchCriteriaId": "EF58EBCB-5735-4569-957D-C37CC38F0823", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "4BBEEC1F-8382-4FEE-9F7F-60A8D9494DBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "3A34E836-DFF7-404B-9F49-C56DCD81DB4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "624CA3E0-1D02-43C8-9BE2-CDB3651D153F", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "0006A6D0-E3E5-447E-ABCF-6D6E741ADC06", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "85996153-65D0-4697-A01B-F6174CE5B4AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "855476CC-21EA-4037-91B7-7B9AAE9E7F82", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*", "matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EC773E5-84D2-4084-80DA-EE8423C4925B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*", "matchCriteriaId": "B754AD41-90A0-4382-B599-E41289C690A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*", "matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*", "matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*", "matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*", "matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*", "matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*", "matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*", "matchCriteriaId": "DC7125C4-64AF-4A3B-BBD6-1A56660A2D90", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*", "matchCriteriaId": "83AE5BA5-09FF-4AF8-B4E8-4D372A208E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Sendmail anterior a v8.13.2 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda de demonio) y posiblemente ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s de la cabecera X- como se demostr\u00f3 mediante la cabecera de prueba X-."}], "id": "CVE-2009-1490", "lastModified": "2024-11-21T01:02:35.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-05-05T19:30:00.170", "references": [{"source": "cve@mitre.org", "url": "http://www.nmrc.org/~thegnome/blog/apr09/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.sendmail.org/releases/8.13.2"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.nmrc.org/~thegnome/blog/apr09/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.sendmail.org/releases/8.13.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Based on our analysis this issue does not have a security consequence and does not lead to a buffer overflow or denial of service. For more details of our technical evaluation see\nhttps://bugzilla.redhat.com/show_bug.cgi?id=499252#c18", "lastModified": "2009-05-07T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object