U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2009-5031

Change History

Modified Analysis by NIST 2/12/2021 12:24:37 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:trustwave:modsecurity:2.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.2:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.3:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.4:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.5:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.1.6:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.0:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.1:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.2:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.3:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.4:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.5:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.6:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.7:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.8:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:2.5.9:*:*:*:*:*:*:*
     *cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:* versions up to (including) 2.5.10
OR
     *cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:* versions up to (excluding) 2.5.11
Added CWE

								
							
							
						
NIST CWE-79
Removed CWE
NIST CWE-20

								
						
Changed Reference Type
http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html No Types Assigned
http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html Mailing List, Third Party Advisory
Changed Reference Type
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES No Types Assigned
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES Broken Link
Changed Reference Type
http://secunia.com/advisories/49576 Vendor Advisory
http://secunia.com/advisories/49576 Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2012/06/22/1 No Types Assigned
http://www.openwall.com/lists/oss-security/2012/06/22/1 Mailing List, Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2012/06/22/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2012/06/22/2 Mailing List, Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/54156 No Types Assigned
http://www.securityfocus.com/bid/54156 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf No Types Assigned
http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf Third Party Advisory
Changed Reference Type
https://www.modsecurity.org/fisheye/browse/modsecurity/m2/branches/2.5.x/apache2/msc_multipart.c?r2=1419&r1=1366 Exploit, Patch
https://www.modsecurity.org/fisheye/browse/modsecurity/m2/branches/2.5.x/apache2/msc_multipart.c?r2=1419&r1=1366 Broken Link