CVE-2009-4230

IIPImage Server <0.9.8 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are obtained from third party information.

References (3)

Core 3
Core References
Release Notes x_refsource_confirm
http://freshmeat.net/projects/iipimage/releases/309013
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37565
Vendor Advisory x_refsource_confirm
http://iipimage.sourceforge.net/blog/

Scores

EPSS 0.0287
EPSS Percentile 85.2%

Details

CWE
CWE-119
Status published
Products (5)
ruven_pillay/iipimage_server 0.9.3
ruven_pillay/iipimage_server 0.9.4
ruven_pillay/iipimage_server 0.9.5
ruven_pillay/iipimage_server 0.9.6
ruven_pillay/iipimage_server < 0.9.7
Published Dec 08, 2009
Tracked Since Feb 18, 2026