CVE-2009-3575

EUVD-2009-3556
Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
tatsuhiro_tsujikawaaria2
0.15.3
tatsuhiro_tsujikawaaria2
1.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
aria2
bookworm
1.36.0-1
fixed
bullseye
1.35.0-3
fixed
etch
not-affected
sid
1.37.0+debian-2
fixed
trixie
1.37.0+debian-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
aria2
artful
ignored
bionic
not-affected
dapper
dne
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
not-affected
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
References
http://secunia.com/advisories/37971
http://www.debian.org/security/2009/dsa-1957
http://www.mandriva.com/security/advisories?name=MDVSA-2009:226
http://www.securityfocus.com/bid/36332
https://qa.mandriva.com/show_bug.cgi?id=52840
http://secunia.com/advisories/37971
http://www.debian.org/security/2009/dsa-1957
http://www.mandriva.com/security/advisories?name=MDVSA-2009:226
http://www.securityfocus.com/bid/36332
https://qa.mandriva.com/show_bug.cgi?id=52840