CVE-2009-3617
20.10.2009, 17:30
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.Enginsight
Vendor | Product | Version |
---|---|---|
tatsuhiro_tsujikawa | aria2 | 𝑥 ≤ 1.6.1 |
tatsuhiro_tsujikawa | aria2 | 0.11.3 |
tatsuhiro_tsujikawa | aria2 | 0.11.4 |
tatsuhiro_tsujikawa | aria2 | 0.11.5 |
tatsuhiro_tsujikawa | aria2 | 0.12.0 |
tatsuhiro_tsujikawa | aria2 | 0.12.1 |
tatsuhiro_tsujikawa | aria2 | 0.13.0 |
tatsuhiro_tsujikawa | aria2 | 0.13.0\+1 |
tatsuhiro_tsujikawa | aria2 | 0.13.1 |
tatsuhiro_tsujikawa | aria2 | 0.13.1\+1 |
tatsuhiro_tsujikawa | aria2 | 0.13.2 |
tatsuhiro_tsujikawa | aria2 | 0.13.2\+1 |
tatsuhiro_tsujikawa | aria2 | 0.14.0 |
tatsuhiro_tsujikawa | aria2 | 0.14.0\+1 |
tatsuhiro_tsujikawa | aria2 | 0.15.0 |
tatsuhiro_tsujikawa | aria2 | 0.15.1 |
tatsuhiro_tsujikawa | aria2 | 0.15.1\+1 |
tatsuhiro_tsujikawa | aria2 | 0.15.1\+2 |
tatsuhiro_tsujikawa | aria2 | 0.15.2 |
tatsuhiro_tsujikawa | aria2 | 0.15.3 |
tatsuhiro_tsujikawa | aria2 | 0.16.0 |
tatsuhiro_tsujikawa | aria2 | 0.16.1 |
tatsuhiro_tsujikawa | aria2 | 0.16.2 |
tatsuhiro_tsujikawa | aria2 | 1.0.0 |
tatsuhiro_tsujikawa | aria2 | 1.1.1 |
tatsuhiro_tsujikawa | aria2 | 1.1.2 |
tatsuhiro_tsujikawa | aria2 | 1.2.0 |
tatsuhiro_tsujikawa | aria2 | 1.3.0 |
tatsuhiro_tsujikawa | aria2 | 1.3.1 |
tatsuhiro_tsujikawa | aria2 | 1.3.2 |
tatsuhiro_tsujikawa | aria2 | 1.3.3 |
tatsuhiro_tsujikawa | aria2 | 1.4.0 |
tatsuhiro_tsujikawa | aria2 | 1.4.1 |
tatsuhiro_tsujikawa | aria2 | 1.5.0 |
tatsuhiro_tsujikawa | aria2 | 1.5.1 |
tatsuhiro_tsujikawa | aria2 | 1.5.2 |
tatsuhiro_tsujikawa | aria2 | 1.6.0 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration
References