LiveActive security incident?Get immediate response
CVE archive

August 2009

Browse CVE records published in August 2009, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 343 matching CVEs · Page 1 of 7.

High · CVSS 8.6

CVE-2009-20008: Green Dam 3.17 URL Processing Buffer Overflow

Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can exploit this vulnerability by enticing a user to visit a specially crafted webpage containing a long URL, resulting in arbitrary code execution.

Published Aug 30, 2025 · Updated May 25, 2026

Critical · CVSS 10

CVE-2009-20011: ContentKeeper Web Appliance < 125.10 RCE via mimencode

ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenticated attackers to upload and execute arbitrary scripts as the Apache user. Additionally, the exploit can optionally escalate privileges by abusing insecure PATH usage in the benetool binary, resulting in root-level access if successful.

Published Aug 30, 2025 · Updated May 15, 2026

Critical · CVSS 9.3

CVE-2009-20010: Dogfood CRM spell.php RCE

Dogfood CRM version 2.0.10 contains a remote command execution vulnerability in the spell.php script used by its mail subsystem. The vulnerability arises from unsanitized user input passed via a POST request to the data parameter, which is processed by the underlying shell without adequate escaping. This allows attackers to inject arbitrary shell commands and execute them on the server. The flaw is exploitable without authentication and was discovered by researcher LSO.

Published Aug 30, 2025 · Updated May 15, 2026

Critical · CVSS 9.3

CVE-2009-20009: Belkin Bulldog Plus Web Service Buffer Overflow

Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the application fails to properly validate the input length before copying it into a fixed-size buffer, resulting in memory corruption and potential remote code execution. Exploitation requires network access and does not require prior authentication.

Published Aug 30, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2009-20004: gAlan <= 0.2.1 Buffer Overflow

gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.

Published Aug 21, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2009-20003: Xenorate <= 2.50 .xpl File Stack-Based Buffer Overflow

Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.

Published Aug 21, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2009-20002: Millenium MP3 Studio <= 2.0 .pls File Stack-Based Buffer Overflow

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.

Published Aug 21, 2025 · Updated May 15, 2026

Critical · CVSS 9.3

CVE-2009-10006: UFO: Alien Invasion <= 2.2.1 IRC Client Buffer Overflow

UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply (specifically a 001 message), the application fails to properly validate the length of the response string. This results in a stack-based buffer overflow, which may corrupt control flow structures and allow arbitrary code execution. The vulnerability is triggered during automatic IRC connection handling and does not require user interaction beyond launching the game.

Published Aug 22, 2025 · Updated May 15, 2026

High · CVSS 8.7

CVE-2009-10005: ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode

ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot.

Published Aug 20, 2025 · Updated May 15, 2026

Medium · CVSS 5.5

CVE-2009-2857: The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interactio...

The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.

Published Aug 19, 2009 · Updated Jan 21, 2025

Critical · CVSS 9.8

CVE-2009-2494: The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gol...

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."

Published Aug 12, 2009 · Updated Jan 21, 2025

Medium · CVSS 6.5

CVE-2009-2416: Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1...

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

Published Aug 11, 2009 · Updated Jan 21, 2025

High · CVSS 8.8

CVE-2009-1544: Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users...

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."

Published Aug 12, 2009 · Updated Oct 21, 2024

Unknown · CVSS Not scored

CVE-2009-2861: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200...

The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.

Published Aug 27, 2009 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2009-3012: Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in L...

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Location header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header. NOTE: the JavaScript executes outside of the context of the HTTP site.

Published Aug 31, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-4995: Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 al...

Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Aug 25, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-2856: Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a...

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.

Published Aug 18, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-3004: Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with...

Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. NOTE: a related attack was reported in which an arbitrary file: URL is shown.

Published Aug 28, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-2850: Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arb...

Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, and other errors in the (2) SearchForRecord_r_64, (3) LastRecord64, (4) CDFsel64, and other unspecified functions.

Published Aug 18, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-2974: Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service...

Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption) via vectors involving a series of function calls that set a chromehtml: URI value for the document.location property.

Published Aug 27, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-5085: IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID provider, d...

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID provider, does not delete the site information cookie in response to a user's deletion of a relying-party trust entry, which allows user-assisted remote attackers to bypass intended trust restrictions via vectors that trigger absence of the consent-to-authenticate page.

Published Aug 12, 2011 · Updated Sep 16, 2024