CVE-2009-1436 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2009-1436

The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.

Published: Apr 27, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1436
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:C/I:N/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	6.4	6.4.x
freebsd / freebsd	6.3	6.3.x
freebsd / freebsd	7.0-release-p12	7.0-release-p12.x
freebsd / freebsd	7.0	7.0.x
freebsd / freebsd	6.4-stable	6.4-stable.x
freebsd / freebsd	6.4-release_p4	6.4-release_p4.x
freebsd / freebsd	7.2-pre-release	7.2-pre-release.x
freebsd / freebsd	7.1	7.1.x
freebsd / freebsd	6.3-release_p10	6.3-release_p10.x
freebsd / freebsd	7.1-release-p5	7.1-release-p5.x