CVE-2009-2483
NetBSD 4.0 and 4.0.1 - Denial of Service via Malformed Externalized Plist
Title source: llmDescription
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35556
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35466
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/51311
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/55285
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022431
Scores
EPSS
0.0006
EPSS Percentile
19.1%
Details
CWE
CWE-189
Status
published
Products (2)
netbsd/netbsd
4.0
netbsd/netbsd
4.0.1
Published
Jul 16, 2009
Tracked Since
Feb 18, 2026