CVE-2009-1391

Name: CVE-2009-1391
Creator: NVD / NIST
Published: 2009-06-16T23:30:00.203+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 7.08%

Last modified Jun 16, 2026

CVE-2009-1391 is a vulnerability of currently unknown severity. Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.. EPSS estimates a 7.08% chance of exploitation in the next 30 days.

Description

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.

Metrics

EPSS Probability

7.08%

93.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-189

Affected Software

Vendor	Product	Versions
Paul Marquess	Compress-Raw-Zlib Perl Module	<= 2.015
Paul Marquess	Compress-Raw-Zlib Perl Module	2.001
Paul Marquess	Compress-Raw-Zlib Perl Module	2.002
Paul Marquess	Compress-Raw-Zlib Perl Module	2.003
Paul Marquess	Compress-Raw-Zlib Perl Module	2.004
Paul Marquess	Compress-Raw-Zlib Perl Module	2.005
Paul Marquess	Compress-Raw-Zlib Perl Module	2.006
Paul Marquess	Compress-Raw-Zlib Perl Module	2.008
Paul Marquess	Compress-Raw-Zlib Perl Module	2.009
Paul Marquess	Compress-Raw-Zlib Perl Module	2.010
Paul Marquess	Compress-Raw-Zlib Perl Module	2.011
Paul Marquess	Compress-Raw-Zlib Perl Module	2.012
Paul Marquess	Compress-Raw-Zlib Perl Module	2.014

References

Timeline

Published: Jun 16, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-1391?

How severe is CVE-2009-1391?

Severity scoring for CVE-2009-1391 is pending analysis. The EPSS model estimates a 7.08% probability of exploitation in the next 30 days.

How do I fix CVE-2009-1391?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-1391?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST