VYPR
Unrated severityNVD Advisory· Published May 14, 2009· Updated Jun 16, 2026

CVE-2009-1629

CVE-2009-1629

Description

ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:antony_lesuisse:ajaxterm:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:antony_lesuisse:ajaxterm:*:*:*:*:*:*:*:*range: <=0.10
    • cpe:2.3:a:antony_lesuisse:ajaxterm:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:antony_lesuisse:ajaxterm:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:antony_lesuisse:ajaxterm:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:antony_lesuisse:ajaxterm:0.9:*:*:*:*:*:*:*
  • osv-coords
    Range: < 0.10-5

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.