CVE-2009-0912: Input Validation
First published: Mon Mar 16 2009(Updated: )
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mandriva Linux | =2008.1 | |
| Mandriva Linux | =2008.0 | |
| Mandriva Linux Corporate Server | =3.0 | |
| Mandriva Multi Network Firewall | =2.0 | |
| Mandriva Linux Corporate Server | =4.0 | |
| Mandriva Linux | =2008.0 | |
| Mandriva Linux | =2008.1 | |
| Mandriva Linux Corporate Server | =3.0 | |
| Mandriva Linux | =2009.0 | |
| Mandriva Linux | =2009.0 | |
| Mandriva Linux Corporate Server | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/mandriva
- canonical/mandriva linux
- version/mandriva linux/2008.1
- version/mandriva linux/2008.0
- canonical/mandriva linux corporate server
- version/mandriva linux corporate server/3.0
- canonical/mandriva multi network firewall
- version/mandriva multi network firewall/2.0
- version/mandriva linux corporate server/4.0
- version/mandriva linux/2009.0