CVE-2009-0796 — Vulnetix

CVE-2009-0796 PUBLISHED CVSS 9.300000190734863 CRITICAL

Une vulnérabilité dans le module mod_perl pour Apache permet à une personne distante malintentionnée de réaliser une injection de code indirecte (<span class="textit">cross site scripting</span>).

EPSS 59.96% · 98.3th percentile

Risk Scores

CVSS 4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS Score

59.96%

98.3th percentile

Affected Products

Vendor	Product	Versions
Apache	N/A

Exploit Intelligence

sample exploit of buffer overflow in libpng (github-poc)
sample exploit of buffer overflow in libpng (github-poc)
sample exploit of buffer overflow in libpng (github-poc)
sample exploit of buffer overflow in libpng (github-poc)
sample exploit of buffer overflow in libpng (github-poc)
sample exploit of buffer overflow in libpng (github-poc)
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)

…and 40 more exploits

Timeline

Apr 7, 2009 CVE Published
Dec 17, 2009 CVE Updated
Jul 30, 2010 PoC Published
Feb 4, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Jul 18, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 25, 2023 EPSS Score

References

http://support.apple.com/kb/HT4435 advisory
https://cert.ssi.gouv.fr/avis/CERTA-2009-AVI-149/ advisory
https://cert.ssi.gouv.fr/avis/CERTA-2010-AVI-548/ advisory

Open in Interactive Console →