CVE-2009-0625

Published: Feb 26, 2009Modified: Apr 23, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet.

Affected (2)

Products: Cisco: Ace 4710, Application Control Engine Module

2 products

Application Control Engine Module

Configuration A

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Cisco Ace 4710	Up to a1\(2.0\)
Cisco Application Control Engine Module	Up to a2\(1.1\)

Running on/with	Platform Versions
Cisco Catalyst	Version 6500
Cisco Catalyst	Version 7600

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (6)

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/33900

Source: psirt@cisco.com

http://www.securitytracker.com/id?1021769

Source: psirt@cisco.com

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/33900

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1021769

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.