CVE-2009-0210

{"id": "CVE-2009-0210", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-02-08T22:30:00.233", "references": [{"url": "http://secunia.com/advisories/33837", "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/337569", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.scada-security.com/vulnerabilities/areva1.html", "tags": ["URL Repurposed"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/archive/1/500689/100/0/threaded", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/33637", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service (system crash) via unspecified vectors, aka PD28578."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la aplicaci\u00f3n MLF en AREVA e-terrahabitat v5.7 y anteriores, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores no especificados. Tambi\u00e9n conocidos como PD28578."}], "lastModified": "2024-02-14T01:17:43.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:areva:e-terrahabitat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81433ED5-61A7-406A-BCEA-C0FB80B4B374", "versionEndIncluding": "5.7"}, {"criteria": "cpe:2.3:a:areva:e-terrahabitat:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8C5CBA7-E0D6-4C2B-AD9F-16707B084C31"}, {"criteria": "cpe:2.3:a:areva:e-terrahabitat:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00DA6AF7-707F-476F-B204-B6BD870762D0"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org", "evaluatorSolution": "Per http://www.kb.cert.org/vuls/id/337569 \r\n\r\n\"III. Solution \r\n\r\nApply Patch Users of e-terrahabitat version 5.5, 5.6, and 5.7 should apply the e-terrahabitat_560_P20081030_SEC patch immediately.\""}