Unrated severityNVD Advisory· Published Mar 16, 2009· Updated Apr 23, 2026

CVE-2009-0912

Description

perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.

Affected products

Mandriva/Multi Network Firewall
cpe:2.3:a:mandriva:multi_network_firewall:2.0:*:*:*:*:*:*:*
Mandriva/Linux6 versions
cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandriva:linux:2008.0:-:x86_64:*:*:*:*:*
- cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandriva:linux:2008.1:-:x86_64:*:*:*:*:*
- cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
Mandriva/Linux Corporate Server4 versions
cpe:2.3:o:mandriva:linux_corporate_server:3.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:mandriva:linux_corporate_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandriva:linux_corporate_server:3.0:-:x86_64:*:*:*:*:*
- cpe:2.3:o:mandriva:linux_corporate_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandriva:linux_corporate_server:4.0:-:x86_64:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/34089nvdPatch
www.mandriva.com/security/advisoriesnvdVendor Advisory
www.vupen.com/english/advisories/2009/0688nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/49220nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000