CVE Vulnerabilities

CVE-2009-1956

Published: Jun 08, 2009 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu
MEDIUM

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

Affected Software

Name Vendor Start Version End Version
Apr-util Apache * 1.3.4 (including)
Red Hat Certificate System 7.3 RedHat ant-0:1.6.5-1jpp_1rh *
Red Hat Certificate System 7.3 RedHat avalon-logkit-0:1.2-2jpp_4rh *
Red Hat Certificate System 7.3 RedHat axis-0:1.2.1-1jpp_3rh *
Red Hat Certificate System 7.3 RedHat classpathx-jaf-0:1.0-2jpp_6rh *
Red Hat Certificate System 7.3 RedHat classpathx-mail-0:1.1.1-2jpp_8rh *
Red Hat Certificate System 7.3 RedHat geronimo-specs-0:1.0-0.M4.1jpp_10rh *
Red Hat Certificate System 7.3 RedHat jakarta-commons-modeler-0:2.0-3jpp_2rh *
Red Hat Certificate System 7.3 RedHat log4j-0:1.2.12-1jpp_1rh *
Red Hat Certificate System 7.3 RedHat mx4j-1:3.0.1-1jpp_4rh *
Red Hat Certificate System 7.3 RedHat pcsc-lite-0:1.3.3-3.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-ca-0:7.3.0-20.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-java-tools-0:7.3.0-10.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-kra-0:7.3.0-14.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-manage-0:7.3.0-19.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-native-tools-0:7.3.0-6.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-ocsp-0:7.3.0-13.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-tks-0:7.3.0-13.el4 *
Red Hat Certificate System 7.3 RedHat tomcat5-0:5.5.23-0jpp_4rh.16 *
Red Hat Certificate System 7.3 RedHat xerces-j2-0:2.7.1-1jpp_1rh *
Red Hat Certificate System 7.3 RedHat xml-commons-0:1.3.02-2jpp_1rh *
Red Hat Enterprise Linux 3 RedHat httpd-0:2.0.46-73.ent *
Red Hat Enterprise Linux 4 RedHat apr-util-0:0.9.4-22.el4_8.1 *
Red Hat Enterprise Linux 5 RedHat apr-util-0:1.2.7-7.el5_3.1 *
Apache2 Ubuntu dapper *
Apr-util Ubuntu hardy *
Apr-util Ubuntu intrepid *
Apr-util Ubuntu jaunty *
Apr-util Ubuntu upstream *

References