CVE-2009-3617

EPSS 14.0%

Published: 10/20/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-3617

Description

Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.

Affected packages (1)

Debian/aria2from 0, < 1.6.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3617