VAR-200912-0369
Vulnerability from variot - Updated: 2025-04-10 23:04Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded. Intel BIOS is prone to an unspecified privilege-escalation vulnerability. Successful exploits will allow local processes to bypass intended security restrictions and gain elevated privileges. Currently very few technical details are available. We will update this BID as more information emerges. Intel Trusted Execution Technology is a hardware extension technology in Intel Core 2 Duo processor E8400, designed to protect data in a virtualized computing environment from software attacks, virus intrusions and other types of threats. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Intel Trusted Execution Technology SINIT Security Bypass
SECUNIA ADVISORY ID: SA37900
VERIFY ADVISORY: http://secunia.com/advisories/37900/
DESCRIPTION: A vulnerability has been reported in multiple Intel products, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges.
The vulnerability is caused due to a configuration error in the SINIT Authenticated Code Module (ACM).
The vulnerability is reported in platforms using the Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets.
SOLUTION: Install updated SINIT modules. http://sourceforge.net/projects/tboot/files/
Q35: Install Q35_SINIT_18.BIN.
GM45 and PM45 Express: Install GM45_GS45_PM45_SINIT_21.BIN.
Q45 and Q43 Express: Install Q45_Q43_SINIT_18.BIN.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Alexander Tereshkin, Rafal Wojtczuk, and Joanna Rutkowska from Invisible Things Lab.
ORIGINAL ADVISORY: http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021&languageid=en-fr
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0369",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gm45 chipset",
"scope": null,
"trust": 1.4,
"vendor": "intel",
"version": null
},
{
"model": "pm45 express chipset",
"scope": null,
"trust": 1.4,
"vendor": "intel",
"version": null
},
{
"model": "q35 chipset",
"scope": null,
"trust": 1.4,
"vendor": "intel",
"version": null
},
{
"model": "q43 express chipset",
"scope": null,
"trust": 1.4,
"vendor": "intel",
"version": null
},
{
"model": "q45 chipset",
"scope": null,
"trust": 1.4,
"vendor": "intel",
"version": null
},
{
"model": "gm45 chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "q43 express chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "q35 chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "q45 chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "pm45 express chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "q45",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "q43 express",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "q35",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "pm45 express",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "gm45",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "37430"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:intel:gm45_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:pm45_express_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:q35_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:q43_express_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:q45_chipset",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Tereshkin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4419",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2009-4419",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-41865",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-4419",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-4419",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-352",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-41865",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded. Intel BIOS is prone to an unspecified privilege-escalation vulnerability. \nSuccessful exploits will allow local processes to bypass intended security restrictions and gain elevated privileges. \nCurrently very few technical details are available. We will update this BID as more information emerges. Intel Trusted Execution Technology is a hardware extension technology in Intel Core 2 Duo processor E8400, designed to protect data in a virtualized computing environment from software attacks, virus intrusions and other types of threats. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nIntel Trusted Execution Technology SINIT Security Bypass\n\nSECUNIA ADVISORY ID:\nSA37900\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37900/\n\nDESCRIPTION:\nA vulnerability has been reported in multiple Intel products, which\ncan be exploited by malicious, local users to bypass certain security\nrestrictions and gain escalated privileges. \n\nThe vulnerability is caused due to a configuration error in the SINIT\nAuthenticated Code Module (ACM). \n\nThe vulnerability is reported in platforms using the Q35, GM45, PM45\nExpress, Q45, and Q43 Express chipsets. \n\nSOLUTION:\nInstall updated SINIT modules. \nhttp://sourceforge.net/projects/tboot/files/\n\nQ35:\nInstall Q35_SINIT_18.BIN. \n\nGM45 and PM45 Express:\nInstall GM45_GS45_PM45_SINIT_21.BIN. \n\nQ45 and Q43 Express:\nInstall Q45_Q43_SINIT_18.BIN. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Alexander Tereshkin, Rafal Wojtczuk, and Joanna\nRutkowska from Invisible Things Lab. \n\nORIGINAL ADVISORY:\nhttp://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021\u0026languageid=en-fr\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4419"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "BID",
"id": "37430"
},
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "PACKETSTORM",
"id": "84169"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-4419",
"trust": 2.5
},
{
"db": "BID",
"id": "37430",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "37900",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-3618",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "61248",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023382",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352",
"trust": 0.7
},
{
"db": "XF",
"id": "54963",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-41865",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84169",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "BID",
"id": "37430"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "PACKETSTORM",
"id": "84169"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"id": "VAR-200912-0369",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41865"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:04:59.923000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "INTEL-SA-00021",
"trust": 0.8,
"url": "http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021\u0026languageid=en-fr"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00021\u0026languageid=en-fr"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/37430"
},
{
"trust": 1.7,
"url": "http://invisiblethingslab.com/resources/misc09/another%20txt%20attack.pdf"
},
{
"trust": 1.7,
"url": "http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html"
},
{
"trust": 1.7,
"url": "http://osvdb.org/61248"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1023382"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37900"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3618"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54963"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4419"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4419"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/54963"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
},
{
"trust": 0.1,
"url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00021\u0026amp;languageid=en-fr"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37900/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/projects/tboot/files/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "BID",
"id": "37430"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "PACKETSTORM",
"id": "84169"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41865"
},
{
"db": "BID",
"id": "37430"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"db": "PACKETSTORM",
"id": "84169"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-41865"
},
{
"date": "2009-12-21T00:00:00",
"db": "BID",
"id": "37430"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"date": "2009-12-22T12:23:24",
"db": "PACKETSTORM",
"id": "84169"
},
{
"date": "2009-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"date": "2009-12-24T17:30:00.250000",
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-41865"
},
{
"date": "2009-12-29T15:12:00",
"db": "BID",
"id": "37430"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-005232"
},
{
"date": "2009-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-352"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-4419"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "37430"
},
{
"db": "PACKETSTORM",
"id": "84169"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINIT Authenticated Code Module (ACM) of Intel Q35 Vulnerability that can be obtained authority",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-005232"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "configuration error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-352"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…