CVE-2009-2411

critical

Description

Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

References

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465

http://www.vupen.com/english/advisories/2009/3184

http://www.vupen.com/english/advisories/2009/2180

http://www.ubuntu.com/usn/usn-812-1

http://www.securitytracker.com/id?1022697

http://www.securityfocus.com/bid/35983

http://www.redhat.com/support/errata/RHSA-2009-1203.html

http://www.mandriva.com/security/advisories?name=MDVSA-2009:199

http://www.debian.org/security/2009/dsa-1855

http://svn.haxx.se/dev/archive-2009-08/0110.shtml

http://svn.haxx.se/dev/archive-2009-08/0108.shtml

http://svn.haxx.se/dev/archive-2009-08/0107.shtml

http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES

http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES

http://support.apple.com/kb/HT3937

http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt

http://secunia.com/advisories/36262

http://secunia.com/advisories/36257

http://secunia.com/advisories/36232

http://secunia.com/advisories/36224

http://secunia.com/advisories/36184

http://osvdb.org/56856

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html

Details

Source: Mitre, NVD

Published: 2009-08-07

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical