Sign-up

ID

VAR-200911-0271


CVE

CVE-2009-2823


TITLE

Web servers enable HTTP TRACE method by default

Trust: 0.8

sources: CERT/CC: VU#867593

DESCRIPTION

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software. The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. Attackers could leverage this behavior to access sensitive information, such as cookies or authentication data, contained in the HTTP headers of the request. The attacker may exploit this issue to steal cookie-based authentication credentials and carry out other attacks. NOTE: This issue was previously covered in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. This update provides a solution to this vulnerability. Update: The wrong package was uploaded for 2009.1. This update addresses that problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2823 http://www.kb.cert.org/vuls/id/867593 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.1: d20085bdf2db6c017ae2bbd1e66b95a3 2009.1/i586/apache-conf-2.2.11-5.1mdv2009.1.i586.rpm 528faefad6aa4272aa1f4eb028ffa738 2009.1/SRPMS/apache-conf-2.2.11-5.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 3621be7e9f192f73f0c0435891d5ee1e 2009.1/x86_64/apache-conf-2.2.11-5.1mdv2009.1.x86_64.rpm 528faefad6aa4272aa1f4eb028ffa738 2009.1/SRPMS/apache-conf-2.2.11-5.1mdv2009.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLRcf1mqjQ0CJFipgRAu1hAKD028okjckw8ACr/FJhfKYKLYaWKACfYIQK uxRECffkMfmnBqa56GkQhAA= =MP9m -----END PGP SIGNATURE----- . Update: Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

Trust: 3.24

sources: NVD: CVE-2009-2823 // CERT/CC: VU#867593 // JVNDB: JVNDB-2009-002323 // BID: 36990 // BID: 36956 // VULHUB: VHN-40269 // PACKETSTORM: 84916 // PACKETSTORM: 84920 // PACKETSTORM: 82720

AFFECTED PRODUCTS

vendor:applemodel:mac os x serverscope:eqversion:10.1.2

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.6

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.1.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.0

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.1.0

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.4

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.1.5

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.8

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.2.7

Trust: 1.6

vendor:applemodel:mac os x serverscope:eqversion:10.5.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.9

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.7

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.9

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.8

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.6.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:lteversion:10.6.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0.4

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.8

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.10

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.9

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.8

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.1.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.0.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.11

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.11

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.0

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.2.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.1.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.2.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.5

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.1

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.1.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.2.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.7

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.7

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.4.10

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.5.8

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.4.6

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.2

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.5.3

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.9

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.2.8

Trust: 1.0

vendor:apachemodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:lotusmodel: - scope: - version: -

Trust: 0.8

vendor:microsoftmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.1

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.1

Trust: 0.8

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.7

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.6

vendor:applemodel:mac os serverscope:neversion:x10.6.2

Trust: 0.6

vendor:applemodel:mac osscope:neversion:x10.6.2

Trust: 0.6

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.0

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2009.1

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2009.1

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2009.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2009.0

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2008.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2008.0

Trust: 0.3

vendor:mandrakesoftmodel:multi network firewallscope:eqversion:2.0

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:corporate server x86 64scope:eqversion:4.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate server x86 64scope:eqversion:3.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate serverscope:eqversion:3.0

Trust: 0.3

vendor:mandrakesoftmodel:corporate serverscope:eqversion:4.0

Trust: 0.3

sources: CERT/CC: VU#867593 // BID: 36990 // BID: 36956 // JVNDB: JVNDB-2009-002323 // CNNVD: CNNVD-200911-098 // NVD: CVE-2009-2823

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-2823
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#867593
value: 3.71

Trust: 0.8

NVD: CVE-2009-2823
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200911-098
value: MEDIUM

Trust: 0.6

VULHUB: VHN-40269
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2009-2823
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-40269
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#867593 // VULHUB: VHN-40269 // JVNDB: JVNDB-2009-002323 // CNNVD: CNNVD-200911-098 // NVD: CVE-2009-2823

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-40269 // JVNDB: JVNDB-2009-002323 // NVD: CVE-2009-2823

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 84916 // PACKETSTORM: 84920 // PACKETSTORM: 82720 // CNNVD: CNNVD-200911-098

TYPE

xss

Trust: 0.9

sources: PACKETSTORM: 84916 // PACKETSTORM: 84920 // PACKETSTORM: 82720 // CNNVD: CNNVD-200911-098

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-002323

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-40269

PATCH
title:HT3937url:http://support.apple.com/kb/HT3937
Trust: 0.8
title:HT3937url:http://support.apple.com/kb/HT3937?viewlocale=ja_JP
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-002323

EXTERNAL IDS
db:NVDid:CVE-2009-2823
Trust: 3.1
db:VUPENid:ADV-2009-3184
Trust: 2.5
db:BIDid:36956
Trust: 2.0
db:CERT/CCid:VU#867593
Trust: 1.1
db:SECUNIAid:13090
Trust: 0.8
db:JVNDBid:JVNDB-2009-002323
Trust: 0.8
db:CNNVDid:CNNVD-200911-098
Trust: 0.7
db:APPLEid:APPLE-SA-2009-11-09-1
Trust: 0.6
db:MANDRIVAid:MDVSA-2009:300
Trust: 0.6
db:BIDid:36990
Trust: 0.4
db:PACKETSTORMid:84920
Trust: 0.2
db:PACKETSTORMid:84916
Trust: 0.2
db:PACKETSTORMid:82720
Trust: 0.2
db:VULHUBid:VHN-40269
Trust: 0.1
sources:
            
            
            CERT/CC: VU#867593 // 
            
            
            
            VULHUB: VHN-40269 // 
            
            
            
            BID: 36990 // 
            
            
            
            BID: 36956 // 
            
            
            
            JVNDB: JVNDB-2009-002323 // 
            
            
            
            PACKETSTORM: 84916 // 
            
            
            
            PACKETSTORM: 84920 // 
            
            
            
            PACKETSTORM: 82720 // 
            
            
            
            CNNVD: CNNVD-200911-098 // 
            
            
            
            NVD: CVE-2009-2823

REFERENCES
url:http://www.vupen.com/english/advisories/2009/3184
Trust: 2.5
url:http://lists.apple.com/archives/security-announce/2009/nov/msg00000.html
Trust: 1.7
url:http://www.securityfocus.com/bid/36956
Trust: 1.7
url:http://support.apple.com/kb/ht3937
Trust: 1.7
url:http://www.mandriva.com/security/advisories?name=mdvsa-2009:300
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2823
Trust: 1.1
url:http://www.ietf.org/rfc/rfc2616.txt
Trust: 0.8
url:http://www.cgisecurity.com/whitehat-mirror/wh-whitepaper_xst_ebook.pdf
Trust: 0.8
url:http://www.microsoft.com/technet/security/tools/urlscan.asp
Trust: 0.8
url:http://httpd.apache.org/docs/mod/mod_rewrite.html
Trust: 0.8
url:http://msdn.microsoft.com/workshop/author/dhtml/httponly_cookies.asp
Trust: 0.8
url:http://www.w3.org/dom/
Trust: 0.8
url:http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/dhtml_node_entry.asp
Trust: 0.8
url:http://msdn.microsoft.com/workshop/author/dhtml/reference/properties/cookie.asp
Trust: 0.8
url:http://msdn.microsoft.com/library/default.asp?url=/library/en-us/xmlsdk/htm/xml_obj_ixmlhttprequest_8bp0.asp
Trust: 0.8
url:http://www.apacheweek.com/issues/03-01-24#news
Trust: 0.8
url:http://secunia.com/advisories/13090/
Trust: 0.8
url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57670-1
Trust: 0.8
url:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200942-1
Trust: 0.8
url:http://www-1.ibm.com/support/docview.wss?&uid=swg21201202
Trust: 0.8
url:http://blogs.sun.com/meena/entry/disabling_trace_in_sun_java
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2823
Trust: 0.8
url:http://software.cisco.com/download/navigator.html?mdfid=283613663
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:http://www.mandriva.com/security/
Trust: 0.3
url:http://www.kb.cert.org/vuls/id/867593
Trust: 0.3
url:http://www.mandriva.com/security/advisories
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2009-2823
Trust: 0.3
sources:
            
            
            CERT/CC: VU#867593 // 
            
            
            
            VULHUB: VHN-40269 // 
            
            
            
            BID: 36990 // 
            
            
            
            BID: 36956 // 
            
            
            
            JVNDB: JVNDB-2009-002323 // 
            
            
            
            PACKETSTORM: 84916 // 
            
            
            
            PACKETSTORM: 84920 // 
            
            
            
            PACKETSTORM: 82720 // 
            
            
            
            CNNVD: CNNVD-200911-098 // 
            
            
            
            NVD: CVE-2009-2823

CREDITS
Brian Mastenbrook
Regis Duchesne
Nicolas Joly
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200911-098

SOURCES
db:CERT/CCid:VU#867593
db:VULHUBid:VHN-40269
db:BIDid:36990
db:BIDid:36956
db:JVNDBid:JVNDB-2009-002323
db:PACKETSTORMid:84916
db:PACKETSTORMid:84920
db:PACKETSTORMid:82720
db:CNNVDid:CNNVD-200911-098
db:NVDid:CVE-2009-2823

LAST UPDATE DATE
2024-08-14T13:15:15.477000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#867593date:2009-08-17T00:00:00
db:VULHUBid:VHN-40269date:2009-11-24T00:00:00
db:BIDid:36990date:2010-01-07T15:52:00
db:BIDid:36956date:2009-11-11T20:56:00
db:JVNDBid:JVNDB-2009-002323date:2009-12-15T00:00:00
db:CNNVDid:CNNVD-200911-098date:2009-11-10T00:00:00
db:NVDid:CVE-2009-2823date:2009-11-24T07:02:26.437

SOURCES RELEASE DATE
db:CERT/CCid:VU#867593date:2003-01-24T00:00:00
db:VULHUBid:VHN-40269date:2009-11-10T00:00:00
db:BIDid:36990date:2009-11-09T00:00:00
db:BIDid:36956date:2009-11-09T00:00:00
db:JVNDBid:JVNDB-2009-002323date:2009-12-15T00:00:00
db:PACKETSTORMid:84916date:2010-01-07T19:00:49
db:PACKETSTORMid:84920date:2010-01-07T19:30:34
db:PACKETSTORMid:82720date:2009-11-18T13:32:22
db:CNNVDid:CNNVD-200911-098date:2009-11-10T00:00:00
db:NVDid:CVE-2009-2823date:2009-11-10T19:30:01.233