Vulnerability-Lookup

CVE-2009-0216 (GCVE-0-2009-0216)

Vulnerability from cvelistv5 – Published: 2009-02-13 17:00 – Updated: 2024-08-07 04:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

FKIE_CVE-2009-0216

Vulnerability from fkie_nvd - Published: 2009-02-13 17:30 - Updated: 2026-04-23 00:35

Severity ?

Summary

References

URL	Tags
cret@cert.org	http://support.gefanuc.com/support/index?page=kbchannel&id=S:KB13253&actp=search	Vendor Advisory
cret@cert.org	http://www.kb.cert.org/vuls/id/310355	US Government Resource
cret@cert.org	http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/
cret@cert.org	http://www.securityfocus.com/bid/33739
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/48691
af854a3a-2127-422b-91ae-364da2661108	http://support.gefanuc.com/support/index?page=kbchannel&id=S:KB13253&actp=search	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/310355	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33739
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48691

Impacted products

Vendor	Product	Version
ge_fanuc	ifix	*
ge_fanuc	ifix	2.0
ge_fanuc	ifix	2.2
ge_fanuc	ifix	2.5
ge_fanuc	ifix	2.6
ge_fanuc	ifix	2.21
ge_fanuc	ifix	3.0
ge_fanuc	ifix	3.5
ge_fanuc	ifix	4.0
ge_fanuc	ifix	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C381F126-9E7B-49B1-8A2B-E340CC7EE476",
              "versionEndIncluding": "5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1706147A-C9BA-4A94-ACBB-E98D2CDB8F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C407081-C7C5-4E74-AE2C-F743E4765DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B464E4D-30F5-43D8-9F3B-D56ECE9AB77A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADCE493A-5938-44F9-BC8A-3EB5F1046EE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE6924D7-7D1F-4DE1-83CE-6547DB48D02D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7A791B-8966-492B-8E28-6EADCCB45924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "22011323-85E8-43D8-AD8F-3132862E1AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB61FC7-6BA4-42F0-BC20-C7A49E51B793",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:ifix:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B053BA0C-9BA3-46B3-B178-55D495137A06",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module."
    },
    {
      "lang": "es",
      "value": "GE Fanuc iFIX v5.0 y versiones anteriores utiliza una autenticaci\u00f3n en el lado del cliente que involucra a un fichero de contrase\u00f1a local con un cifrado d\u00e9bil, permite a atacantes remotos saltarse las restricciones de acceso implementadas e iniciar sesiones de inicio en servidores privilegiados al recuperar una contrase\u00f1a o usando un m\u00f3dulo de programa modificado."
    }
  ],
  "id": "CVE-2009-0216",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-13T17:30:00.627",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/310355"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/33739"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/310355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-9H9R-CR53-4958

Vulnerability from github – Published: 2022-05-02 03:13 – Updated: 2025-04-09 04:04

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0216"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-02-13T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.",
  "id": "GHSA-9h9r-cr53-4958",
  "modified": "2025-04-09T04:04:49Z",
  "published": "2022-05-02T03:13:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0216"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
    },
    {
      "type": "WEB",
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/310355"
    },
    {
      "type": "WEB",
      "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33739"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200902-0500

Vulnerability from variot - Updated: 2025-04-10 22:26

GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module. Vulnerabilities in the way GE Fanuc iFIX handles authentication could allow a remote attacker to log on to the system with elevated privileges. Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Windows from effectively disabling AutoRun and AutoPlay features. GE Fanuc iFIX Is Human Machine Interface With components, Microsoft Windows CE , NT , 2000 , Server 2003 , XP and Vista Work on SCADA client / Server software. iFIX Vulnerabilities exist in authentication. The user name and password are stored in a local file on the client side, and the password is encrypted with a low-strength algorithm. GE Fanuc according to: Attackers can gain copies of this file in two ways. The first way requires that an attacker have an interactive session with the computer containing the file, such as a direct login, or through a remote terminal session, VNC, or some other remote session providing access to a command shell. Using the shell, the attacker can simply copy the file and extract the passwords at some later point. Another way an attacker can gain access to this file is by intercepting the file over the network. This can occur if the file is shared between two computers using Microsoft WindowsR network sharing. In this case, an attacker may be able to recreate the file by using a network sniffer to monitor network traffic between them. iFIX Since authentication is performed within the client, an attacker could tamper and replace the authentication module. GE Fanuc according to: Authentication and authorization of users are implemented through certain program modules. These modules can be modified at the binary level to bypass user authentication. To exploit this type of attack, an attacker needs to be able to launch unauthorized applications from an interactive shell. Also, iFIX Is Technical Cyber Security Alert TA09-020A Published on “Microsoft Windows Notes on disabling the auto-execution function ” There is a possibility of being affected. Any code executed using the auto-execution function iFIX Enviroment Protection May result in the authentication module being tampered with and replaced.An attacker could gain access to a file containing authentication information or intercept network traffic. As a result, by the attacker iFIX Unauthorized access to the system is possible. GE Fanuc iFIX 5.0 are earlier are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA09-020A

Microsoft Windows Does Not Disable AutoRun Properly

Original release date: January 20, 2009 Last revised: -- Source: US-CERT

Systems Affected

 * Microsoft Windows

Overview

Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.

I. Description

Microsoft Windows includes an AutoRun feature, which can automatically run code when removable devices are connected to the computer. AutoRun (and the closely related AutoPlay) can unexpectedly cause arbitrary code execution in the following situations:

A removable device is connected to a computer. This includes, but is not limited to, inserting a CD or DVD, connecting a USB or Firewire device, or mapping a network drive. This connection can result in code execution without any additional user interaction.
A user clicks the drive icon for a removable device in Windows Explorer. Rather than exploring the drive's contents, this action can cause code execution.
The user selects an option from the AutoPlay dialog that is displayed when a removable device is connected. Malicious software, such as W32.Downadup, is using AutoRun to spread. Disabling AutoRun, as specified in the CERT/CC Vulnerability Analysis blog, is an effective way of helping to prevent the spread of malicious code. It will, however, disable Media Change Notification (MCN) messages, which may prevent Windows from detecting when a CD or DVD is changed.

II. Impact

By placing an Autorun.inf file on a device, an attacker may be able to automatically execute arbitrary code when the device is connected to a Windows system. Code execution may also take place when the user attempts to browse to the software location with Windows Explorer.

III. We recommend restarting Windows after making the registry change so that any cached mount points are reinitialized in a way that ignores the Autorun.inf file. Alternatively, the following registry key may be deleted:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2

Once these changes have been made, all of the AutoRun code execution scenarios described above will be mitigated because Windows will no longer parse Autorun.inf files to determine which actions to take. Further details are available in the CERT/CC Vulnerability Analysis blog. Thanks to Nick Brown and Emin Atac for providing the workaround.

IV. References

The Dangers of Windows AutoRun - http://www.cert.org/blogs/vuls/2008/04/the_dangers_of_windows_autorun.html
US-CERT Vulnerability Note VU#889747 - http://www.kb.cert.org/vuls/id/889747
Nick Brown's blog: Memory stick worms - http://nick.brown.free.fr/blog/2007/10/memory-stick-worms
TR08-004 Disabling Autorun - http://www.publicsafety.gc.ca/prg/em/ccirc/2008/tr08-004-eng.aspx
How to Enable or Disable Automatically Running CD-ROMs - http://support.microsoft.com/kb/155217
NoDriveTypeAutoRun - http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/91525.mspx
Autorun.inf Entries - http://msdn.microsoft.com/en-us/library/bb776823(VS.85).aspx
W32.Downadup - http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99
MS08-067 Worm, Downadup/Conflicker - http://www.f-secure.com/weblog/archives/00001576.html
Social Engineering Autoplay and Windows 7 - http://www.f-secure.com/weblog/archives/00001586.html

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-020A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA09-020A Feedback VU#889747" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2009 by US-CERT, a government organization.

 <http://www.us-cert.gov/legal.html>

Revision History

January 20, 2009: Initial release

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSXYqQnIHljM+H4irAQL9EAgAwE5XWd+83CTwTl1vAbDW3sNfCaucmj79 VmXJ+GktQorbcp29fktYaQxXZ2A6qBREJ1FfwlM5BT0WftvGppLoQcQO3vbbwEQF M0VG5xZhTOi8tf4nedBDgDj0ENJBgh6C73G5uZfVatQdFi79TFkf9SVe6xn5BkQm 5kKsly0d/CX/te15zZLd05AJVEVilbZcECUeDVAYDvWcQSkx2OsJFb+WkuWI9Loh zkB7uOeZFY9bgrC04nr9DPHpaPFd8KCXegsxjqN1nIraaCabfvNamriqyUFHwAhK sk/DFSjdI6xJ4fXjDQ77wfgLYyTeYQ/b2U/1sqkbOTdCgXqSop5RrA== =6/cp -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.

Download and test it today: https://psi.secunia.com/

Read more about this new version: https://psi.secunia.com/?page=changelog

TITLE: Windows Vista "NoDriveTypeAutoRun" Security Issue

SECUNIA ADVISORY ID: SA29458

VERIFY ADVISORY: http://secunia.com/advisories/29458/

CRITICAL: Not critical

IMPACT: Security Bypass

WHERE: Local system

OPERATING SYSTEM: Microsoft Windows Vista http://secunia.com/product/13223/

DESCRIPTION: CERT/CC has reported a security issue in Windows Vista, which can be exploited by malicious people to bypass certain security settings.

AutoPlay is a feature designed to immediately begin reading from a drive (e.g. run a setup file) when a media is inserted.

Successful exploitation may result in execution of arbitrary code, but requires physical access to a vulnerable system or that a user is tricked into inserting a malicious media (e.g. USB device).

SOLUTION: Restrict access to affected systems.

Do not insert any untrusted media even with the registry key value set to disable AutoPlay for all drives.

PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jeff Gennari, CERT/CC.

ORIGINAL ADVISORY: US-CERT VU#889747: http://www.kb.cert.org/vuls/id/889747

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. This can be exploited to gain knowledge of user names and passwords by obtaining (e.g. by modifying certain used modules.

3) It is possible to bypass the run-time Environment Protection via the Autoplay feature by attaching an external storage device containing an automatically launched script. Use in a trusted network environment only. Description

The presence of a Conficker infection may be detected if a user is unable to surf to the following websites:

http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
http://www.mcafee.com

If a user is unable to reach either of these websites, a Conficker infection may be indicated (the most current variant of Conficker interferes with queries for these sites, preventing a user from visiting them). If a Conficker infection is suspected, the infected system should be removed from the network. Major anti-virus vendors and Microsoft have released several free tools that can verify the presence of a Conficker infection and remove the worm. Instructions for manually removing a Conficker infection from a system have been published by Microsoft in http://support.microsoft.com/kb/962007. Solution

US-CERT encourages users to prevent a Conficker infection by ensuring all systems have the MS08-067 patch (part of Security Update KB958644, which was published by Miscrosoft in October 2008), disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200902-0500",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "2.21"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "4.0"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "2.0"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "3.0"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "3.5"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "2.6"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "2.5"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "4.5"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ge fanuc",
        "version": "2.2"
      },
      {
        "model": "ifix",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ge fanuc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ge fanuc",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "hmi/scada - ifix",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "ge fanuc",
        "version": "5.0"
      },
      {
        "model": "ifix",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ge fanuc",
        "version": "5.0"
      },
      {
        "model": "fanuc ifix pde",
        "scope": null,
        "trust": 0.3,
        "vendor": "ge",
        "version": null
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "5.0"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "4.5"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "4.0"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "3.5"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "3.0"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "2.6"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "2.5"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "2.21"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "2.2"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "2.0"
      },
      {
        "model": "fanuc ifix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "2.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "2.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "2.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "2.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "2.21"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "3.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "3.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "4.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ifix",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "BID",
        "id": "33739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ge_fanuc:ifix",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rayford Vaughn and Robert Wesley McGrew at Mississippi State University.",
    "sources": [
      {
        "db": "BID",
        "id": "33739"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2009-0216",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2009-0216",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "a6178710-23cc-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-0216",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#310355",
            "trust": 0.8,
            "value": "1.62"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#889747",
            "trust": 0.8,
            "value": "0.19"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-0216",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200902-293",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "a6178710-23cc-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module. Vulnerabilities in the way GE Fanuc iFIX handles authentication could allow a remote attacker to log on to the system with elevated privileges. Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Windows from effectively disabling AutoRun and AutoPlay features. GE Fanuc iFIX Is Human Machine Interface With components, Microsoft Windows CE , NT , 2000 , Server 2003 , XP and Vista Work on SCADA client / Server software. iFIX Vulnerabilities exist in authentication. The user name and password are stored in a local file on the client side, and the password is encrypted with a low-strength algorithm. GE Fanuc according to: Attackers can gain copies of this file in two ways. The first way requires that an attacker have an interactive session with the computer containing the file, such as a direct login, or through a remote terminal session, VNC, or some other remote session providing access to a command shell. Using the shell, the attacker can simply copy the file and extract the passwords at some later point. Another way an attacker can gain access to this file is by intercepting the file over the network. This can occur if the file is shared between two computers using Microsoft WindowsR network sharing. In this case, an attacker may be able to recreate the file by using a network sniffer to monitor network traffic between them. iFIX Since authentication is performed within the client, an attacker could tamper and replace the authentication module. GE Fanuc according to: Authentication and authorization of users are implemented through certain program modules. These modules can be modified at the binary level to bypass user authentication. To exploit this type of attack, an attacker needs to be able to launch unauthorized applications from an interactive shell. Also, iFIX Is Technical Cyber Security Alert TA09-020A Published on \u201cMicrosoft Windows Notes on disabling the auto-execution function \u201d There is a possibility of being affected. Any code executed using the auto-execution function iFIX Enviroment Protection May result in the authentication module being tampered with and replaced.An attacker could gain access to a file containing authentication information or intercept network traffic. As a result, by the attacker iFIX Unauthorized access to the system is possible. \nGE Fanuc iFIX 5.0 are earlier are vulnerable. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                    National Cyber Alert System\n\n              Technical Cyber Security Alert TA09-020A\n\n\nMicrosoft Windows Does Not Disable AutoRun Properly\n\n   Original release date: January 20, 2009\n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     * Microsoft Windows\n\n\nOverview\n\n   Disabling AutoRun on Microsoft Windows systems can help prevent the\n   spread of malicious code. However, Microsoft\u0027s guidelines for\n   disabling AutoRun are not fully effective, which could be\n   considered a vulnerability. \n\n\nI. Description\n\n   Microsoft Windows includes an AutoRun feature, which can\n   automatically run code when removable devices are connected to the\n   computer. AutoRun (and the closely related AutoPlay) can\n   unexpectedly cause arbitrary code execution in the following\n   situations:\n   \n   * A removable device is connected to a computer. This includes, but\n   is not limited to, inserting a CD or DVD, connecting a USB or\n   Firewire device, or mapping a network drive. This connection can\n   result in code execution without any additional user interaction. \n   \n   * A user clicks the drive icon for a removable device in Windows\n   Explorer. Rather than exploring the drive\u0027s contents, this action\n   can cause code execution. \n\n   * The user selects an option from the AutoPlay dialog that is\n   displayed when a removable device is connected.  Malicious\n   software, such as W32.Downadup, is using AutoRun to\n   spread. Disabling AutoRun, as specified in the CERT/CC\n   Vulnerability Analysis blog, is an effective way of helping to\n   prevent the spread of malicious code. It will, however, disable Media\n   Change Notification (MCN) messages, which may prevent Windows from\n   detecting when a CD or DVD is changed. \n\n\nII. Impact\n\n   By placing an Autorun.inf file on a device, an attacker may be able\n   to automatically execute arbitrary code when the device is\n   connected to a Windows system. Code execution may also take place\n   when the user attempts to browse to the software location with\n   Windows Explorer. \n\n\nIII. We recommend\n   restarting Windows after making the registry change so that any\n   cached mount points are reinitialized in a way that ignores the\n   Autorun.inf file. Alternatively, the following registry key may be\n   deleted:\n   \n   HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\n   \n   Once these changes have been made, all of the AutoRun code\n   execution scenarios described above will be mitigated because\n   Windows will no longer parse Autorun.inf files to determine which\n   actions to take. Further details are available in the\n   CERT/CC Vulnerability Analysis blog. Thanks to Nick Brown and Emin\n   Atac for providing the workaround. \n\n\nIV. References\n\n * The Dangers of Windows AutoRun -\n   \u003chttp://www.cert.org/blogs/vuls/2008/04/the_dangers_of_windows_autorun.html\u003e\n\n * US-CERT Vulnerability Note VU#889747 -\n   \u003chttp://www.kb.cert.org/vuls/id/889747\u003e\n\n * Nick Brown\u0027s blog: Memory stick worms -\n   \u003chttp://nick.brown.free.fr/blog/2007/10/memory-stick-worms\u003e\n\n * TR08-004 Disabling Autorun -\n   \u003chttp://www.publicsafety.gc.ca/prg/em/ccirc/2008/tr08-004-eng.aspx\u003e\n\n * How to Enable or Disable Automatically Running CD-ROMs -\n   \u003chttp://support.microsoft.com/kb/155217\u003e\n\n * NoDriveTypeAutoRun -\n   \u003chttp://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/91525.mspx\u003e\n\n * Autorun.inf Entries -\n   \u003chttp://msdn.microsoft.com/en-us/library/bb776823(VS.85).aspx\u003e\n\n * W32.Downadup -\n   \u003chttp://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99\u003e\n\n * MS08-067 Worm, Downadup/Conflicker -\n   \u003chttp://www.f-secure.com/weblog/archives/00001576.html\u003e\n\n * Social Engineering Autoplay and Windows 7 -\n   \u003chttp://www.f-secure.com/weblog/archives/00001586.html\u003e\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA09-020A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA09-020A Feedback VU#889747\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2009 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n  \n  January 20, 2009: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSXYqQnIHljM+H4irAQL9EAgAwE5XWd+83CTwTl1vAbDW3sNfCaucmj79\nVmXJ+GktQorbcp29fktYaQxXZ2A6qBREJ1FfwlM5BT0WftvGppLoQcQO3vbbwEQF\nM0VG5xZhTOi8tf4nedBDgDj0ENJBgh6C73G5uZfVatQdFi79TFkf9SVe6xn5BkQm\n5kKsly0d/CX/te15zZLd05AJVEVilbZcECUeDVAYDvWcQSkx2OsJFb+WkuWI9Loh\nzkB7uOeZFY9bgrC04nr9DPHpaPFd8KCXegsxjqN1nIraaCabfvNamriqyUFHwAhK\nsk/DFSjdI6xJ4fXjDQ77wfgLYyTeYQ/b2U/1sqkbOTdCgXqSop5RrA==\n=6/cp\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nWindows Vista \"NoDriveTypeAutoRun\" Security Issue\n\nSECUNIA ADVISORY ID:\nSA29458\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29458/\n\nCRITICAL:\nNot critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\nLocal system\n\nOPERATING SYSTEM:\nMicrosoft Windows Vista\nhttp://secunia.com/product/13223/\n\nDESCRIPTION:\nCERT/CC has reported a security issue in Windows Vista, which can be\nexploited by malicious people to bypass certain security settings. \n\nAutoPlay is a feature designed to immediately begin reading from a\ndrive (e.g. run a setup file) when a media is inserted. \n\nSuccessful exploitation may result in execution of arbitrary code,\nbut requires physical access to a vulnerable system or that a user is\ntricked into inserting a malicious media (e.g. USB device). \n\nSOLUTION:\nRestrict access to affected systems. \n\nDo not insert any untrusted media even with the registry key value\nset to disable AutoPlay for all drives. \n\nPROVIDED AND/OR DISCOVERED BY:\nWill Dormann and Jeff Gennari, CERT/CC. \n\nORIGINAL ADVISORY:\nUS-CERT VU#889747:\nhttp://www.kb.cert.org/vuls/id/889747\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. This can be exploited\nto gain knowledge of user names and passwords by obtaining (e.g. by modifying certain used modules. \n\n3) It is possible to bypass the run-time Environment Protection via\nthe Autoplay feature by attaching an external storage device\ncontaining an automatically launched script. Use in a\ntrusted network environment only. Description\n\n   The presence of a Conficker infection may be detected if a user is\n   unable to surf to the following websites:\n   \n   * http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm\u0026inid=us_ghp_link_conficker_worm\n   * http://www.mcafee.com\n   \n   If a user is unable to reach either of these websites, a Conficker\n   infection may be indicated (the most current variant of Conficker\n   interferes with queries for these sites, preventing a user from\n   visiting them).  If a Conficker infection is suspected, the\n   infected system should be removed from the network. Major\n   anti-virus vendors and Microsoft have released several free tools\n   that can verify the presence of a Conficker infection and remove\n   the worm. Instructions for manually removing a Conficker infection\n   from a system have been published by Microsoft in\n   http://support.microsoft.com/kb/962007. Solution\n\n   US-CERT encourages users to prevent a Conficker infection by\n   ensuring all systems have the MS08-067 patch (part of Security\n   Update KB958644, which was published by Miscrosoft in October\n   2008), disabling AutoRun functionality (see\n   http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and\n   maintaining up-to-date anti-virus software",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      },
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "BID",
        "id": "33739"
      },
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "PACKETSTORM",
        "id": "74183"
      },
      {
        "db": "PACKETSTORM",
        "id": "64807"
      },
      {
        "db": "PACKETSTORM",
        "id": "74973"
      },
      {
        "db": "PACKETSTORM",
        "id": "76172"
      }
    ],
    "trust": 3.87
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#310355",
        "trust": 3.6
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "33739",
        "trust": 2.7
      },
      {
        "db": "USCERT",
        "id": "TA09-020A",
        "trust": 1.8
      },
      {
        "db": "XF",
        "id": "48691",
        "trust": 1.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "A6178710-23CC-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "29458",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "33909",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "74183",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64807",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74973",
        "trust": 0.1
      },
      {
        "db": "USCERT",
        "id": "TA09-088A",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "76172",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "BID",
        "id": "33739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "PACKETSTORM",
        "id": "74183"
      },
      {
        "db": "PACKETSTORM",
        "id": "64807"
      },
      {
        "db": "PACKETSTORM",
        "id": "74973"
      },
      {
        "db": "PACKETSTORM",
        "id": "76172"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "id": "VAR-200902-0500",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 0.7089285999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2025-04-10T22:26:47.131000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security Issue: CERT Reported Vulnerabilities in iFIX Security",
        "trust": 0.8,
        "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=s:kb13253\u0026actp=search"
      },
      {
        "trust": 2.8,
        "url": "http://www.kb.cert.org/vuls/id/310355"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/33739"
      },
      {
        "trust": 1.9,
        "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/"
      },
      {
        "trust": 1.6,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-020a.html"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/48691"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
      },
      {
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms08-038.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/967715"
      },
      {
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/953252"
      },
      {
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/91525.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/155217"
      },
      {
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/895108"
      },
      {
        "trust": 0.8,
        "url": "http://windowshelp.microsoft.com/windows/en-us/help/40f23376-1351-49d5-8d48-5c05d35f2ac81033.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/30300.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://technet.microsoft.com/en-us/magazine/cc137730.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://nick.brown.free.fr/blog/2007/10/memory-stick-worms"
      },
      {
        "trust": 0.8,
        "url": "http://blogs.technet.com/steriley/archive/2007/10/30/more-on-autorun.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0216"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu310355/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0216"
      },
      {
        "trust": 0.3,
        "url": "http://www.gefanuc.com/"
      },
      {
        "trust": 0.2,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-020a.html\u003e"
      },
      {
        "trust": 0.2,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.2,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://msdn.microsoft.com/en-us/library/bb776823(vs.85).aspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.f-secure.com/weblog/archives/00001576.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/889747\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/155217\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.cert.org/blogs/vuls/2008/04/the_dangers_of_windows_autorun.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://nick.brown.free.fr/blog/2007/10/memory-stick-worms\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/91525.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.f-secure.com/weblog/archives/00001586.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.publicsafety.gc.ca/prg/em/ccirc/2008/tr08-004-eng.aspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/29458/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/13223/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/889747"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33909/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.mcafee.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-020a.html),"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-088a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/962007."
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/958644\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://us.mcafee.com/root/campaign.asp?cid=54857\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/962007\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm\u0026inid=us_ghp_link_conficker_worm"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "BID",
        "id": "33739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "PACKETSTORM",
        "id": "74183"
      },
      {
        "db": "PACKETSTORM",
        "id": "64807"
      },
      {
        "db": "PACKETSTORM",
        "id": "74973"
      },
      {
        "db": "PACKETSTORM",
        "id": "76172"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "db": "BID",
        "id": "33739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "db": "PACKETSTORM",
        "id": "74183"
      },
      {
        "db": "PACKETSTORM",
        "id": "64807"
      },
      {
        "db": "PACKETSTORM",
        "id": "74973"
      },
      {
        "db": "PACKETSTORM",
        "id": "76172"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-02-13T00:00:00",
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2009-02-11T00:00:00",
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "date": "2008-03-20T00:00:00",
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "date": "2009-02-11T00:00:00",
        "db": "BID",
        "id": "33739"
      },
      {
        "date": "2009-03-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "date": "2009-01-21T20:28:24",
        "db": "PACKETSTORM",
        "id": "74183"
      },
      {
        "date": "2008-03-21T23:24:01",
        "db": "PACKETSTORM",
        "id": "64807"
      },
      {
        "date": "2009-02-16T12:48:35",
        "db": "PACKETSTORM",
        "id": "74973"
      },
      {
        "date": "2009-03-30T19:50:26",
        "db": "PACKETSTORM",
        "id": "76172"
      },
      {
        "date": "2009-02-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "date": "2009-02-13T17:30:00.627000",
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-02-24T00:00:00",
        "db": "CERT/CC",
        "id": "VU#310355"
      },
      {
        "date": "2009-04-14T00:00:00",
        "db": "CERT/CC",
        "id": "VU#889747"
      },
      {
        "date": "2009-02-12T00:18:00",
        "db": "BID",
        "id": "33739"
      },
      {
        "date": "2009-03-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001086"
      },
      {
        "date": "2009-02-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2009-0216"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ge_fanuc ifix Bypass access restriction vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trust management",
    "sources": [
      {
        "db": "IVD",
        "id": "a6178710-23cc-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-293"
      }
    ],
    "trust": 0.8
  }
}

GSD-2009-0216

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0216

Aliases

CVE-2009-0216

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0216",
    "description": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.",
    "id": "GSD-2009-0216"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0216"
      ],
      "details": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.",
      "id": "GSD-2009-0216",
      "modified": "2023-12-13T01:19:44.809978Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2009-0216",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "33739",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33739"
          },
          {
            "name": "VU#310355",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/310355"
          },
          {
            "name": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/",
            "refsource": "MISC",
            "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/"
          },
          {
            "name": "gefanucifix-multiple-unauth-access(48691)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
          },
          {
            "name": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search",
            "refsource": "CONFIRM",
            "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:2.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:ifix:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2009-0216"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33739",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33739"
            },
            {
              "name": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=S:KB13253\u0026actp=search"
            },
            {
              "name": "VU#310355",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/310355"
            },
            {
              "name": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.mcgrewsecurity.com/2009/02/10/ge-fanuc-releases-info-on-ifix-vulnerabilities-vu-310355/"
            },
            {
              "name": "gefanucifix-multiple-unauth-access(48691)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48691"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:33Z",
      "publishedDate": "2009-02-13T17:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0216 (GCVE-0-2009-0216)

FKIE_CVE-2009-0216

GHSA-9H9R-CR53-4958

VAR-200902-0500

GSD-2009-0216

Tags

Sightings

Nomenclature