What is CVE-2009-0323?

CVE-2009-0323 is a vulnerability in N/a. Published 2009-01-28.

Is CVE-2009-0323 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-0323

Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue functi…

EPSS: 0.735 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
www.coresecurity.com/content/amaya-buffer-overflows (x_refsource_MISC)
7902 (exploit, x_refsource_EXPLOIT-DB)
amaya-html-tags-bo(48325) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2009-0323?: CVE-2009-0323 is a vulnerability in N/a. Published 2009-01-28.
Is CVE-2009-0323 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.