{"api_version":"1","generated_at":"2026-07-06T10:30:29+00:00","cve":"CVE-2009-2294","urls":{"html":"https://cve.report/CVE-2009-2294","api":"https://cve.report/api/cve/CVE-2009-2294.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-2294","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-2294"},"summary":{"title":"CVE-2009-2294","description":"Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.","state":"PUBLISHED","assigner":"mitre","published_at":"2009-07-05 16:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-189","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.ocert.org/advisories/ocert-2009-008.html","name":"http://www.ocert.org/advisories/ocert-2009-008.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oCERT.org - oCERT Advisories","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/35647","name":"http://secunia.com/advisories/35647","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Dillo PNG Processing Integer Overflow Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/55656","name":"http://osvdb.org/55656","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/archive/1/504727/100/0/threaded","name":"http://www.securityfocus.com/archive/1/504727/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-2294","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2294","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.42","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.43","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.6.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.7.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.7.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.7.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.7.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.5","cpe7":"pre-dw-design1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.5","cpe7":"pre-dw-design2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.5","cpe7":"pre-dw-design3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"0.8.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"2294","vulnerable":"1","versionEndIncluding":"2.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dillo","cpe5":"dillo","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T05:44:55.915Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.ocert.org/advisories/ocert-2009-008.html"},{"name":"20090703 [oCERT-2009-008] Dillo integer overflow","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/504727/100/0/threaded"},{"name":"35647","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/35647"},{"name":"55656","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/55656"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-07-03T00:00:00.000Z","descriptions":[{"lang":"en","value":"Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-10T18:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://www.ocert.org/advisories/ocert-2009-008.html"},{"name":"20090703 [oCERT-2009-008] Dillo integer overflow","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/504727/100/0/threaded"},{"name":"35647","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/35647"},{"name":"55656","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/55656"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-2294","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.ocert.org/advisories/ocert-2009-008.html","refsource":"MISC","url":"http://www.ocert.org/advisories/ocert-2009-008.html"},{"name":"20090703 [oCERT-2009-008] Dillo integer overflow","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/504727/100/0/threaded"},{"name":"35647","refsource":"SECUNIA","url":"http://secunia.com/advisories/35647"},{"name":"55656","refsource":"OSVDB","url":"http://osvdb.org/55656"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2009-2294","datePublished":"2009-07-05T16:00:00.000Z","dateReserved":"2009-07-02T00:00:00.000Z","dateUpdated":"2024-08-07T05:44:55.915Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2009-07-05 16:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-189","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1","matchCriteriaId":"ED82B0BA-5C9C-4D63-8418-3B45DC8504FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"D8FFAC5E-77BD-4BF3-8906-FDF240C8E5C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"0DCC27FB-CEA9-4AA5-9A2C-4A4BD7D3B1A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"4B31B232-9C62-4FCF-99B8-7C154AF82349"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.3:*:*:*:*:*:*:*","matchCriteriaId":"61E3A452-0124-4C50-8BBC-64C34C743EF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.4:*:*:*:*:*:*:*","matchCriteriaId":"C50FE697-0933-40E3-95BF-C07157E46112"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"47F81343-8538-402B-A5B6-CED15AA2FCCB"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.6:*:*:*:*:*:*:*","matchCriteriaId":"D8859A15-05AB-4883-BA0E-DD96DB2EBE9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.42:*:*:*:*:*:*:*","matchCriteriaId":"7B3C6AF7-C4C1-4BD7-A1F2-8CAD91E28F7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.0.43:*:*:*:*:*:*:*","matchCriteriaId":"7BE17AFD-F40D-43DB-B45B-222C9262BEA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.1.0:*:*:*:*:*:*:*","matchCriteriaId":"3ED11811-287D-4860-9FDC-2DA5E79514E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.2:*:*:*:*:*:*:*","matchCriteriaId":"3D555945-9CD8-4C64-88C9-7165B2F9F6A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.2.1:*:*:*:*:*:*:*","matchCriteriaId":"735EAB61-5A0B-4FA6-9336-D9DD279996D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.2.2:*:*:*:*:*:*:*","matchCriteriaId":"086FA8E2-AB31-4A16-A817-6DDE3D6CF1BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.2.3:*:*:*:*:*:*:*","matchCriteriaId":"1E7DB3E1-3697-4000-B10A-BD9699406CAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.2.4:*:*:*:*:*:*:*","matchCriteriaId":"EE29B322-482D-4F67-88AB-A71FC1343876"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.3:*:*:*:*:*:*:*","matchCriteriaId":"109B06EE-5761-47F7-924D-FCBA32E8D76E"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.3.1:*:*:*:*:*:*:*","matchCriteriaId":"F44478CC-17C3-4F1B-AA62-D38148429C46"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.3.2:*:*:*:*:*:*:*","matchCriteriaId":"B36E45EF-2659-40BA-B4B8-8BE85BE0A302"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.4:*:*:*:*:*:*:*","matchCriteriaId":"AB0EFCAE-417F-4BA2-B47D-C3798658C857"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"14DF2E87-8CB6-41EE-AE17-93CA27A8B5FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.5.1:*:*:*:*:*:*:*","matchCriteriaId":"26B89365-6959-4647-A589-994E0060FFB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6:*:*:*:*:*:*:*","matchCriteriaId":"033E89CE-2EE6-41C0-9146-0F1B56C798B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.1:*:*:*:*:*:*:*","matchCriteriaId":"8A0F574E-EB2B-4014-A17F-15C7A31947F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.2:*:*:*:*:*:*:*","matchCriteriaId":"AE4AB244-DBC9-4CC4-A6F4-A387E516CA1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.3:*:*:*:*:*:*:*","matchCriteriaId":"26DE54F9-49D5-4994-B666-047F4A0BA243"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.4:*:*:*:*:*:*:*","matchCriteriaId":"598E7C2A-2BF1-4CD6-A3E6-9547F17E04FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.5:*:*:*:*:*:*:*","matchCriteriaId":"7DBEA2E6-481F-44FA-8D40-1DBC452A5DCA"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.6.6:*:*:*:*:*:*:*","matchCriteriaId":"A7933C08-CB36-41A3-94FA-6F594771D8C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.7:*:*:*:*:*:*:*","matchCriteriaId":"AE50669F-DA11-4F51-BD86-0EDC451045AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.7.1:*:*:*:*:*:*:*","matchCriteriaId":"75B1797D-CD5F-4875-8FBF-31488BD40282"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.7.1.2:*:*:*:*:*:*:*","matchCriteriaId":"6A4A558A-B9DF-44E8-81C9-6925AD22B173"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.7.2:*:*:*:*:*:*:*","matchCriteriaId":"436855BE-C8EA-46A0-8B8C-3F0F437285E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.7.3:*:*:*:*:*:*:*","matchCriteriaId":"874E4818-DA1A-4D8E-9E32-45011FF4856E"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8:*:*:*:*:*:*:*","matchCriteriaId":"D29B4FC0-C665-4AD7-AB97-E4A743230F78"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.1:*:*:*:*:*:*:*","matchCriteriaId":"A1ACF40C-4A44-451C-934E-1EC11AF6C5EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.2:*:*:*:*:*:*:*","matchCriteriaId":"A7293FB7-4E6F-4ADA-B4A1-2C21BDC0EECD"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.3:*:*:*:*:*:*:*","matchCriteriaId":"E5BB7C24-A110-4204-AF2E-EDEBF58BE252"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.4:*:*:*:*:*:*:*","matchCriteriaId":"C8F8EDA4-EFDA-47F1-928A-22442DA2355E"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.5:pre-dw-design1:*:*:*:*:*:*","matchCriteriaId":"062D40F5-C0E6-44B2-B573-CB846FE72819"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.5:pre-dw-design2:*:*:*:*:*:*","matchCriteriaId":"179E7B4D-6818-4722-9113-2EC3453A5F6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.5:pre-dw-design3:*:*:*:*:*:*","matchCriteriaId":"82E27AD6-F43B-4000-A251-770C5FFCC91A"},{"vulnerable":true,"criteria":"cpe:2.3:a:dillo:dillo:0.8.6:*:*:*:*:*:*:*","matchCriteriaId":"65DE3B84-383A-4952-ABA1-02099E9693F0"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"2294","Ordinal":"1","Title":"CVE-2009-2294","CVE":"CVE-2009-2294","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"2294","Ordinal":"1","NoteData":"Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.","Type":"Description","Title":"CVE-2009-2294"},{"CveYear":"2009","CveId":"2294","Ordinal":"2","NoteData":"2009-07-05","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"2294","Ordinal":"3","NoteData":"2018-10-10","Type":"Other","Title":"Modified"}]}}}