VYPR
Unrated severityNVD Advisory· Published Aug 7, 2009· Updated Jun 16, 2026

CVE-2009-2411

CVE-2009-2411

Description

Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

66
  • cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*+ 64 more
    • cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*range: <=1.5.6
    • cpe:2.3:a:subversion:subversion:0.22.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.23.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.24.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.24.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.24.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.25.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.27.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.28.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.28.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.28.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.29.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.30.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.31.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.32.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.32.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.33.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.33.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.34.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.35.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.35.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.36.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:0.37.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.0_rc3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:subversion:subversion:1.6.3:*:*:*:*:*:*:*
    • (no CPE)range: <1.5.7, 1.6.x <1.6.4

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.