CyberSecurityBoard
Sponsor Register Login

CVE-2009-3448

npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.

Publication date: Thu, 17 Aug 2017 06:31:00 +0000


Cyber News related to CVE-2009-3448

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2023-22400 - An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a ...
2 years ago
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3448 - npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a ...
1 year ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago
CVE-2023-3448 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
2 days ago Tenable.com
CVE-2006-3448 - Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, ...
6 years ago
CVE-2024-3448 - Users with low privileges can perform certain AJAX actions. In this vulnerability instance, improper access to ajax?action=plugin:focus:checkIframeAvailability leads to a Server-Side Request Forgery by analyzing the error messages returned from the ...
10 months ago Tenable.com
CVE-2011-3448 - Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. ...
13 years ago
CVE-2005-3448 - Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01. ...
12 years ago
CVE-2013-3448 - Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315. ...
8 years ago
CVE-2015-3448 - REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log. ...
8 years ago
CVE-2016-3448 - Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors. ...
7 years ago
CVE-2007-3448 - Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected. ...
7 years ago
CVE-2012-3448 - Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors. ...
6 years ago
CVE-2008-3448 - Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. ...
6 years ago
CVE-2014-3448 - BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulnerability due to unauthenticated file upload ...
5 years ago
CVE-2020-3448 - A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are running on an affected device. The vulnerability is ...
4 years ago
CVE-2021-3448 - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by ...
2 years ago
CVE-2010-3448 - drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service ...
1 year ago
CVE-2022-3448 - Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: ...
1 year ago
CVE-2009-0795 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult ...
55 years ago Tenable.com
CVE-2009-4778 - Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow ...
14 years ago
CVE-2009-0888 - Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via ...
15 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)