CVE-2009-0148

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541.

Publication date: Tue, 05 May 2009 22:30:00 +0000

Cyber News related to CVE-2009-0148

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2009-0148 - Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because ...
7 years ago

CVE-2017-0144 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0148 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 months ago

CVE-2017-0143 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0145 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0146 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2021-0148 - Insertion of information into log file in firmware for some Intel(R) SSD DC may allow a privileged user to potentially enable information disclosure via local access. ...
3 years ago

CVE-1999-0148 - The handler CGI program in IRIX allows arbitrary command execution. ...
16 years ago

CVE-2003-0148 - The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from ...
16 years ago

CVE-2013-0148 - The Data Camouflage (aka FairCom Standard Encryption) algorithm in FairCom c-treeACE does not ensure that a decryption key is needed for accessing database contents, which allows context-dependent attackers to read cleartext database records by ...
8 years ago

CVE-2006-0148 - NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address. ...
7 years ago

CVE-2010-0148 - Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets." Per: ...
7 years ago

CVE-2011-0148 - WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different ...
7 years ago

CVE-2005-0148 - Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is ...
7 years ago

CVE-2008-0148 - TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request. ...
7 years ago

CVE-2004-0148 - wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. ...
6 years ago

CVE-2001-0148 - The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. ...
6 years ago

CVE-2016-0148 - Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability." ...
6 years ago

CVE-2007-0148 - Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function. ...
6 years ago

CVE-2000-0148 - MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string. ...
5 years ago

CVE-2020-0148 - In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and btu_hcif_link_key_notification_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via ...
4 years ago

Latest Cyber News

CVE-2025-24982 - 7 hours ago
CVE-2025-22475 - 9 hours ago
CVE-2025-1003 - 12 hours ago
CVE-2025-0148 - 13 hours ago
CVE-2025-24957 - 14 hours ago
CVE-2025-24958 - 14 hours ago
CVE-2025-22129 - 14 hours ago
CVE-2025-23210 - 14 hours ago
CVE-2025-24029 - 14 hours ago
CVE-2025-24371 - 14 hours ago
CVE-2025-24901 - 14 hours ago
CVE-2025-24902 - 14 hours ago
CVE-2025-24905 - 14 hours ago
CVE-2025-24906 - 14 hours ago
CVE-2024-35177 - 14 hours ago
CVE-2024-47770 - 14 hours ago
CVE-2025-24960 - 15 hours ago
CVE-2025-24961 - 15 hours ago
CVE-2025-24962 - 15 hours ago
CVE-2025-22918 - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-20141 - 1 day ago
CVE-2024-20142 - 1 day ago
CVE-2024-20147 - 1 day ago
CVE-2025-20631 - 1 day ago
CVE-2025-20632 - 1 day ago
CVE-2025-20633 - 1 day ago
CVE-2025-20634 - 1 day ago
CVE-2025-20635 - 1 day ago
CVE-2025-20636 - 1 day ago
CVE-2025-20637 - 1 day ago
CVE-2025-20638 - 1 day ago
CVE-2025-20639 - 1 day ago
CVE-2025-20640 - 1 day ago
CVE-2025-20641 - 1 day ago
CVE-2025-20642 - 1 day ago
CVE-2025-20643 - 1 day ago
CVE-2025-25062 - 1 day ago
CVE-2025-25063 - 1 day ago
CVE-2024-57966 - 1 day ago
CVE-2024-13347 - 1 day ago