Back to search
CVE-2009-1956
Published: Jun 6, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
35487
third-party-advisory
x_refsource_SECUNIA
http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
x_refsource_CONFIRM
ADV-2009-1907
vdb-entry
x_refsource_VUPEN
FEDORA-2009-5969
vendor-advisory
x_refsource_FEDORA
PK88341
vendor-advisory
x_refsource_AIXAPAR
MDVSA-2009:131
vendor-advisory
x_refsource_MANDRIVA
35395
third-party-advisory
x_refsource_SECUNIA
PK99478
vendor-advisory
x_refsource_AIXAPAR
35284
third-party-advisory
x_refsource_SECUNIA
PK91241
vendor-advisory
x_refsource_AIXAPAR
[oss-security] 20090605 CVE Request (apr-util)
mailing-list
x_refsource_MLIST
35251
vdb-entry
x_refsource_BID
35843
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-6014
vendor-advisory
x_refsource_FEDORA
RHSA-2009:1108
vendor-advisory
x_refsource_REDHAT
HPSBUX02612
vendor-advisory
x_refsource_HP
35797
third-party-advisory
x_refsource_SECUNIA
http://svn.apache.org/viewvc?view=rev&revision=768417
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
x_refsource_CONFIRM
GLSA-200907-03
vendor-advisory
x_refsource_GENTOO
[dev] 20090424 Re: Buffer overflow in apr_brigade_vprintf() ?
mailing-list
x_refsource_MLIST
oval:org.mitre.oval:def:11567
vdb-entry
signature
x_refsource_OVAL
FEDORA-2009-6261
vendor-advisory
x_refsource_FEDORA
[dev] 20090424 Buffer overflow in apr_brigade_vprintf() ?
mailing-list
x_refsource_MLIST
USN-786-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=504390
x_refsource_CONFIRM
34724
third-party-advisory
x_refsource_SECUNIA
37221
third-party-advisory
x_refsource_SECUNIA
35565
third-party-advisory
x_refsource_SECUNIA
ADV-2009-3184
vdb-entry
x_refsource_VUPEN
SSRT100345
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
x_refsource_CONFIRM
APPLE-SA-2009-11-09-1
vendor-advisory
x_refsource_APPLE
MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
35710
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:1107
vendor-advisory
x_refsource_REDHAT
http://support.apple.com/kb/HT3937
x_refsource_CONFIRM
oval:org.mitre.oval:def:12237
vdb-entry
signature
x_refsource_OVAL
USN-787-1
vendor-advisory
x_refsource_UBUNTU
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now