JVN/CVE Demo: Nvdinfos

NVD

Id: 49660
Name: CVE-2009-2414
Description: Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.
Reject
CVSS Version: 2
CVSS Score: 4.3
Severity: Medium
CVSS Base Score: 4.3
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 8.6
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Pub Date: 2017-01-07
Published: 2009-08-11
Modified Date: 2014-10-24
Seq: 2009-2414

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
250996	49660	CVE-2009-2414	http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html	View
250997	49660	CVE-2009-2414	APPLE-SA-2009-11-09-1	View
250998	49660	CVE-2009-2414	APPLE-SA-2009-11-11-1	View
250999	49660	CVE-2009-2414	APPLE-SA-2010-06-21-1	View
251000	49660	CVE-2009-2414	SUSE-SR:2009:015	View
251001	49660	CVE-2009-2414	oval:org.mitre.oval:def:10129	View
251002	49660	CVE-2009-2414	oval:org.mitre.oval:def:8639	View
251003	49660	CVE-2009-2414	http://support.apple.com/kb/HT3937	View
251004	49660	CVE-2009-2414	http://support.apple.com/kb/HT3949	View
251005	49660	CVE-2009-2414	http://support.apple.com/kb/HT4225	View
251006	49660	CVE-2009-2414	http://www.cert.fi/en/reports/2009/vulnerability2009085.html	View
251007	49660	CVE-2009-2414	http://www.codenomicon.com/labs/xml/	View
251008	49660	CVE-2009-2414	DSA-1859	View
251009	49660	CVE-2009-2414	[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion	View
251010	49660	CVE-2009-2414	http://www.networkworld.com/columnists/2009/080509-xml-flaw.html	View
251011	49660	CVE-2009-2414	http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html	View
251012	49660	CVE-2009-2414	20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components	View
251013	49660	CVE-2009-2414	36010	View
251014	49660	CVE-2009-2414	USN-815-1	View
251015	49660	CVE-2009-2414	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	View
251016	49660	CVE-2009-2414	ADV-2009-2420	View
251017	49660	CVE-2009-2414	ADV-2009-3184	View
251018	49660	CVE-2009-2414	ADV-2009-3217	View
251019	49660	CVE-2009-2414	ADV-2009-3316	View
251020	49660	CVE-2009-2414	https://bugzilla.redhat.com/show_bug.cgi?id=515195	View
251021	49660	CVE-2009-2414	https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59	View
251022	49660	CVE-2009-2414	FEDORA-2009-8491	View
251023	49660	CVE-2009-2414	FEDORA-2009-8498	View
251024	49660	CVE-2009-2414	FEDORA-2009-8580	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
41011	JVNDB-2009-002017	libxml2 および libxml における DTD 内の要素宣言の処理に関するサービス運用妨害 (DoS) の脆弱性	libxml2 および libxml には、DTD 内の要素宣言の処理に不備があるため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。	CVE-2009-2414	39845	CVE-2009-2414	49660	4.3		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002017.html	2009-08-11	2010-07-13	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.32 MB
View render complete	17.44 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.76
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	269.33
Event: Controller.beforeRender	5.72
» Processing toolbar data	5.63
Rendering View	726.82
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	700.44
» Event: View.afterRender	0.05
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	16.20
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	5.49
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/49660
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/49660
Remote Port	17762
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.142.124.139
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.142.124.139
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.142.124.139
Unique Id	aBQHGRfj2LbAdsNgpHt4_wAAAiw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.142.124.139
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.142.124.139
Redirect Unique Id	aBQHGRfj2LbAdsNgpHt4_wAAAiw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.142.124.139
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.142.124.139
Redirect Redirect Unique Id	aBQHGRfj2LbAdsNgpHt4_wAAAiw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746143001.7938
Request Time	1746143001

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files