PT-2009-5858 · Tatsuhiro Tsujikawa · Aria2

Published

2009-10-07

Updated

2009-12-31

CVE-2009-3575

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions aria2 versions 0.15.3 through 1.2.0

Description The issue is related to a buffer overflow in the DHTRoutingTableDeserializer.cc component. This can be exploited by remote attackers to cause a denial of service, potentially leading to a crash, and may also allow the execution of arbitrary code. The exact vectors used for the exploitation are not specified.

Recommendations For versions 0.15.3 through 1.2.0, update to a version that contains a fix for this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3575

DSA-1957-1

Affected Products

Aria2

PT-2009-5858 · Tatsuhiro Tsujikawa · Aria2

CVE-2009-3575

Related Identifiers

Affected Products

References · 12