Strix
26.1K

CVE-2009-0769

UnknownEPSS 2.43%

Last modified

CVE-2009-0769 is a vulnerability of currently unknown severity. QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. EPSS estimates a 2.43% chance of exploitation in the next 30 days.

Description

QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. If so, then this should not be treated as a vulnerability in QIP.

Metrics

EPSS Probability
2.43%

82.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
QipQip2005

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-0769?
QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. If so, then this should not be treated as a vulnerability in QIP.
How severe is CVE-2009-0769?
Severity scoring for CVE-2009-0769 is pending analysis. The EPSS model estimates a 2.43% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0769?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0769?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST