CVE-2009-2415
memcached - arbitrary code execution
EPSS 12.1%
Description
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.
How to fix CVE-2009-2415
To remediate CVE-2009-2415, upgrade the affected package to a fixed version below.
- Debian/memcached—upgrade to 1.4.1-1 or later
- Debian/memcached—upgrade to 1.1.12-1+etch1 or later
Is CVE-2009-2415 being exploited?
Moderate — EPSS is 12.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.4.1-1
- from 0, < 1.1.12-1+etch1