CVE Vulnerabilities

CVE-2009-3276

Published: Sep 21, 2009 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed in NASD CORE.NET Terelik (aka corenet1) allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of many alphabetic characters followed by a ! (exclamation point), related to a certain regular expression, aka a ReDoS vulnerability.

Affected Software

Name Vendor Start Version End Version
Corenet1 Nasd 1.2 (including) 1.2 (including)
Corenet1 Nasd 1.7 (including) 1.7 (including)
Corenet1 Nasd 1.8 (including) 1.8 (including)
Corenet1 Nasd 1.9 (including) 1.9 (including)
Corenet1 Nasd 1.10 (including) 1.10 (including)
Corenet1 Nasd 1.12 (including) 1.12 (including)
Corenet1 Nasd 1.13 (including) 1.13 (including)
Corenet1 Nasd 1.15 (including) 1.15 (including)
Corenet1 Nasd 1.17 (including) 1.17 (including)
Corenet1 Nasd 1.18 (including) 1.18 (including)
Corenet1 Nasd 1.19 (including) 1.19 (including)
Corenet1 Nasd 1.24 (including) 1.24 (including)
Corenet1 Nasd 2.7 (including) 2.7 (including)
Corenet1 Nasd 2.8 (including) 2.8 (including)
Corenet1 Nasd 2.9 (including) 2.9 (including)
Corenet1 Nasd 2.11 (including) 2.11 (including)
Corenet1 Nasd 2.12 (including) 2.12 (including)
Corenet1 Nasd 2.13 (including) 2.13 (including)
Corenet1 Nasd 2.14 (including) 2.14 (including)
Corenet1 Nasd 2.15 (including) 2.15 (including)
Corenet1 Nasd 2.16 (including) 2.16 (including)
Corenet1 Nasd 2.17 (including) 2.17 (including)
Corenet1 Nasd 2.18 (including) 2.18 (including)
Corenet1 Nasd 2.19 (including) 2.19 (including)
Corenet1 Nasd 3.2 (including) 3.2 (including)
Corenet1 Nasd 3.11 (including) 3.11 (including)
Corenet1 Nasd 3.12 (including) 3.12 (including)
Corenet1 Nasd 3.13 (including) 3.13 (including)
Corenet1 Nasd 3.14 (including) 3.14 (including)
Corenet1 Nasd 3.15 (including) 3.15 (including)
Corenet1 Nasd 3.16 (including) 3.16 (including)

References