CVE-2009-4661

{"id": "CVE-2009-4661", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-03-03T20:30:00.523", "references": [{"url": "http://www.exploit-db.com/exploits/9695", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/9734", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en BigAnt Server 2.50 SP6 y versiones anteriores permiten a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante un fichero XIP manipulado que no es manejado de manera adecuada cuando la victima usa el elemento de men\u00fa de la consola (1) Update o (2) Plug-In."}], "lastModified": "2017-09-19T01:30:01.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bigantsoft:bigant_server:*:sp6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8917F1B4-BA51-42C7-A498-9C2752C03E2C", "versionEndIncluding": "2.50"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}