JVN/CVE Demo: Cveinfos

CVE

Id: 38381
CVE No.: CVE-2009-0946
Status: Candidate
Description: Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Phase: Assigned (20090318)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
418807	38381	CVE-2009-0946	CONFIRM:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5	View
418808	38381	CVE-2009-0946	CONFIRM:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b	View
418809	38381	CVE-2009-0946	CONFIRM:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e	View
418810	38381	CVE-2009-0946	CONFIRM:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog	View
418811	38381	CVE-2009-0946	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=491384	View
418812	38381	CVE-2009-0946	CONFIRM:http://support.apple.com/kb/HT3549	View
418813	38381	CVE-2009-0946	CONFIRM:http://support.apple.com/kb/HT3613	View
418814	38381	CVE-2009-0946	CONFIRM:http://support.apple.com/kb/HT3639	View
418815	38381	CVE-2009-0946	CONFIRM:http://support.apple.com/kb/HT4435	View
418816	38381	CVE-2009-0946	APPLE:APPLE-SA-2009-05-12	View
418817	38381	CVE-2009-0946	URL:http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	View
418818	38381	CVE-2009-0946	APPLE:APPLE-SA-2009-06-08-1	View
418819	38381	CVE-2009-0946	URL:http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	View
418820	38381	CVE-2009-0946	APPLE:APPLE-SA-2009-06-17-1	View
418821	38381	CVE-2009-0946	URL:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	View
418822	38381	CVE-2009-0946	APPLE:APPLE-SA-2010-11-10-1	View
418823	38381	CVE-2009-0946	URL:http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	View
418824	38381	CVE-2009-0946	DEBIAN:DSA-1784	View
418825	38381	CVE-2009-0946	URL:http://www.debian.org/security/2009/dsa-1784	View
418826	38381	CVE-2009-0946	GENTOO:GLSA-200905-05	View
418827	38381	CVE-2009-0946	URL:http://security.gentoo.org/glsa/glsa-200905-05.xml	View
418828	38381	CVE-2009-0946	MANDRIVA:MDVSA-2009:243	View
418829	38381	CVE-2009-0946	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:243	View
418830	38381	CVE-2009-0946	REDHAT:RHSA-2009:0329	View
418831	38381	CVE-2009-0946	URL:http://www.redhat.com/support/errata/RHSA-2009-0329.html	View
418832	38381	CVE-2009-0946	REDHAT:RHSA-2009:1061	View
418833	38381	CVE-2009-0946	URL:http://www.redhat.com/support/errata/RHSA-2009-1061.html	View
418834	38381	CVE-2009-0946	REDHAT:RHSA-2009:1062	View
418835	38381	CVE-2009-0946	URL:http://www.redhat.com/support/errata/RHSA-2009-1062.html	View
418836	38381	CVE-2009-0946	SUNALERT:270268	View
418837	38381	CVE-2009-0946	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1	View
418838	38381	CVE-2009-0946	SUSE:SUSE-SR:2009:010	View
418839	38381	CVE-2009-0946	URL:http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html	View
418840	38381	CVE-2009-0946	UBUNTU:USN-767-1	View
418841	38381	CVE-2009-0946	URL:http://www.ubuntu.com/usn/USN-767-1	View
418842	38381	CVE-2009-0946	CERT:TA09-133A	View
418843	38381	CVE-2009-0946	URL:http://www.us-cert.gov/cas/techalerts/TA09-133A.html	View
418844	38381	CVE-2009-0946	BID:34550	View
418845	38381	CVE-2009-0946	URL:http://www.securityfocus.com/bid/34550	View
418846	38381	CVE-2009-0946	OVAL:oval:org.mitre.oval:def:10149	View
418847	38381	CVE-2009-0946	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10149	View
418848	38381	CVE-2009-0946	SECUNIA:34723	View
418849	38381	CVE-2009-0946	URL:http://secunia.com/advisories/34723	View
418850	38381	CVE-2009-0946	SECUNIA:34913	View
418851	38381	CVE-2009-0946	URL:http://secunia.com/advisories/34913	View
418852	38381	CVE-2009-0946	SECUNIA:34967	View
418853	38381	CVE-2009-0946	URL:http://secunia.com/advisories/34967	View
418854	38381	CVE-2009-0946	SECUNIA:35065	View
418855	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35065	View
418856	38381	CVE-2009-0946	SECUNIA:35074	View
418857	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35074	View
418858	38381	CVE-2009-0946	SECUNIA:35198	View
418859	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35198	View
418860	38381	CVE-2009-0946	SECUNIA:35200	View
418861	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35200	View
418862	38381	CVE-2009-0946	SECUNIA:35204	View
418863	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35204	View
418864	38381	CVE-2009-0946	SECUNIA:35210	View
418865	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35210	View
418866	38381	CVE-2009-0946	SECUNIA:35379	View
418867	38381	CVE-2009-0946	URL:http://secunia.com/advisories/35379	View
418868	38381	CVE-2009-0946	VUPEN:ADV-2009-1058	View
418869	38381	CVE-2009-0946	URL:http://www.vupen.com/english/advisories/2009/1058	View
418870	38381	CVE-2009-0946	VUPEN:ADV-2009-1297	View
418871	38381	CVE-2009-0946	URL:http://www.vupen.com/english/advisories/2009/1297	View
418872	38381	CVE-2009-0946	VUPEN:ADV-2009-1522	View
418873	38381	CVE-2009-0946	URL:http://www.vupen.com/english/advisories/2009/1522	View
418874	38381	CVE-2009-0946	VUPEN:ADV-2009-1621	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
40713	JVNDB-2009-001719	Apple iTunes におけるバッファオーバーフローの脆弱性	Apple iTunes には、itms: URL に関する処理に不備があることにより、スタックベースのバッファオーバーフローの脆弱性が存在します。	CVE-2009-0950	38381	9.3		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001719.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.37 MB
View render complete	2.89 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.85
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	695.82
Event: Controller.beforeRender	4.65
» Processing toolbar data	4.56
Rendering View	20.03
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	19.04
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.55
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/38381
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/38381
Remote Port	52538
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.161
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.112.135
Http Via	1.1 squid-proxy-5b5d847c96-sffqh (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.161
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.161
Unique Id	aKdc-yIcL8J7t5sShJULqQAAAZI
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.161
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.161
Redirect Unique Id	aKdc-yIcL8J7t5sShJULqQAAAZI
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.161
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.161
Redirect Redirect Unique Id	aKdc-yIcL8J7t5sShJULqQAAAZI
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1755798779.2711
Request Time	1755798779

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files