← Back to CVEs
CVE-2009-2356
N/ADescription
Multiple stack-based buffer overflows in the pgsqlQuery function in NullLogic Groupware 1.2.7, when PostgreSQL is used, might allow remote attackers to execute arbitrary code via input to the (1) POP3, (2) SMTP, or (3) web component that triggers a long SQL query.
CVE Details
CVSS v3.1 ScoreN/A
Published7/7/2009
Last Modified4/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
dan_cahill:nulllogic_groupware
Weaknesses (CWE)
CWE-119
References
http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55(cve@mitre.org)
http://www.securityfocus.com/archive/1/504737/100/0/threaded(cve@mitre.org)
http://www.vupen.com/english/advisories/2009/1817(cve@mitre.org)
http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/504737/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1817(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.