CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0650

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile23.03th
PublishedFeb 20, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Tptest

Tptest

<= 3.1.7
πŸ“¦
Tptest

Tptest

= 5.0.2

References & Advisories

πŸ”— http://secunia.com/advisories/33972
πŸ”— http://www.securityfocus.com/bid/33785
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/48781
πŸ”— https://www.exploit-db.com/exploits/8058
πŸ”— http://secunia.com/advisories/33972
πŸ”— http://www.securityfocus.com/bid/33785
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/48781
πŸ”— https://www.exploit-db.com/exploits/8058

Related Vulnerabilities

CVE-2009-06595.0

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via...

CVE-2009-049210.0

Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerabilit...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-395410.0

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attacker...