VDB
CVE-2009-2415
CVE-2009-2415
PUBLISHED
CVSS 10 CRITICAL
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.
EPSS 12.08% · 93.9th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
12.08%
93.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| memcachedb | memcached | 1.1.12, 1.2.2 |
Exploit Intelligence
- DSA-1853 (circl)
- http://security.debian.org/pool/updates/main/m/memcached/memcached_1.2.2-1+lenny1.diff.gz (circl)
- 56906 (circl)
- 35989 (circl)
- 36133 (circl)
- http://security.debian.org/pool/updates/main/m/memcached/memcached_1.1.12-1+etch1.diff.gz (circl)
- 37729 (circl)
- FEDORA-2009-12552 (circl)
Timeline
- Aug 10, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- DSA-1853 vendor-advisory
- http://security.debian.org/pool/updates/main/m/memcached/memcached_1.2.2-1+lenny1.diff.gz url
- 56906 vdb
- 35989 vdb
- 36133 third-party-advisory
- http://security.debian.org/pool/updates/main/m/memcached/memcached_1.1.12-1+etch1.diff.gz url
- 37729 third-party-advisory
- FEDORA-2009-12552 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2009-2415 advisory