Vulnerability Details : CVE-2009-4265
Public exploit exists!
Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.
Vulnerability category: OverflowExecute code
Products affected by CVE-2009-4265
- cpe:2.3:a:pointdev:ideal_administration_2009:9.7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-4265
65.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-4265
-
PointDev IDEAL Migration Buffer Overflow
Disclosure Date: 2009-12-05First seen: 2020-04-26exploit/windows/fileformat/ideal_migration_ipjThis module exploits a stack buffer overflow in versions v9.7 through v10.5 of IDEAL Administration and versions 4.5 and 4.51 of IDEAL Migration. All versions are suspected to be vulnerable. By creating a specially crafted ipj file, an attacker may be able
CVSS scores for CVE-2009-4265
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2009-4265
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-4265
-
http://freetexthost.com/abydoz3jwu
404 Not FoundExploit;URL Repurposed
-
http://secunia.com/advisories/37572
Vendor Advisory
-
http://pocoftheday.blogspot.com/2009/12/ideal-administration-2009-v97-local.html
pocofthedayExploit
Jump to