JVN/CVE Demo: Nvdinfos

NVD

Id: 49662
Name: CVE-2009-2416
Description: Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
Reject
CVSS Version: 2
CVSS Score: 4.3
Severity: Medium
CVSS Base Score: 4.3
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 8.6
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Pub Date: 2017-01-07
Published: 2009-08-11
Modified Date: 2014-10-24
Seq: 2009-2416

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
251030	49662	CVE-2009-2416	http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html	View
251031	49662	CVE-2009-2416	APPLE-SA-2009-11-09-1	View
251032	49662	CVE-2009-2416	APPLE-SA-2009-11-11-1	View
251033	49662	CVE-2009-2416	APPLE-SA-2010-06-21-1	View
251034	49662	CVE-2009-2416	SUSE-SR:2009:015	View
251035	49662	CVE-2009-2416	oval:org.mitre.oval:def:7783	View
251036	49662	CVE-2009-2416	oval:org.mitre.oval:def:9262	View
251037	49662	CVE-2009-2416	http://support.apple.com/kb/HT3937	View
251038	49662	CVE-2009-2416	http://support.apple.com/kb/HT3949	View
251039	49662	CVE-2009-2416	http://support.apple.com/kb/HT4225	View
251040	49662	CVE-2009-2416	http://www.cert.fi/en/reports/2009/vulnerability2009085.html	View
251041	49662	CVE-2009-2416	http://www.codenomicon.com/labs/xml/	View
251042	49662	CVE-2009-2416	DSA-1859	View
251043	49662	CVE-2009-2416	[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion	View
251044	49662	CVE-2009-2416	http://www.networkworld.com/columnists/2009/080509-xml-flaw.html	View
251045	49662	CVE-2009-2416	http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html	View
251046	49662	CVE-2009-2416	20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components	View
251047	49662	CVE-2009-2416	36010	View
251048	49662	CVE-2009-2416	USN-815-1	View
251049	49662	CVE-2009-2416	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	View
251050	49662	CVE-2009-2416	ADV-2009-2420	View
251051	49662	CVE-2009-2416	ADV-2009-3184	View
251052	49662	CVE-2009-2416	ADV-2009-3217	View
251053	49662	CVE-2009-2416	ADV-2009-3316	View
251054	49662	CVE-2009-2416	https://bugzilla.redhat.com/show_bug.cgi?id=515205	View
251055	49662	CVE-2009-2416	https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59	View
251056	49662	CVE-2009-2416	FEDORA-2009-8491	View
251057	49662	CVE-2009-2416	FEDORA-2009-8498	View
251058	49662	CVE-2009-2416	FEDORA-2009-8580	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
41012	JVNDB-2009-002018	libxml2 および libxml の Notation または Enumeration 属性タイプの処理におけるサービス運用妨害 (DoS) の脆弱性	libxml2 および libxml には、XML ファイル内の Notation または Enumeration 属性タイプの処理に不備があるため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。	CVE-2009-2416	39847	CVE-2009-2416	49662	4.3		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002018.html	2009-08-11	2010-07-13	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.32 MB
View render complete	17.48 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.63
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	277.22
Event: Controller.beforeRender	4.43
» Processing toolbar data	4.32
Rendering View	630.17
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	615.90
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	10.19
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	4.67
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/49662
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/49662
Remote Port	8842
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	13.59.234.246
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	13.59.234.246
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	13.59.234.246
Unique Id	aBA8r3tF0uL1olPRdTeavAAAAfQ
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	13.59.234.246
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	13.59.234.246
Redirect Unique Id	aBA8r3tF0uL1olPRdTeavAAAAfQ
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	13.59.234.246
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	13.59.234.246
Redirect Redirect Unique Id	aBA8r3tF0uL1olPRdTeavAAAAfQ
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1745894575.869
Request Time	1745894575

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files