CVE-2009-3555

Exp

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

Published: 2009-11-09 Last update: 2026-05-27 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2009-3555 is rated High Exploit Risk (86.8/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 3.74%). 5 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.77% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2009-3555

EDB-ID Source Kind Published Link
10579 exploit_db edb 2009-12-21 Exploit-DB ↗
10071 exploit_db edb 2009-11-10 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2009-3555

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-05-28 1.97% 3.74% +1.77%
2 2026-04-21 2.29% 1.97% -0.32%
3 2026-03-11 2.29%

Full EPSS history (60 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2009-3555

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.8 3.1 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 3.9 5.9 134c704f-9b21-4f2e-91b3-4a467353bcc0
5.8 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 8.6 4.9 [email protected]

Weakness enumeration for CVE-2009-3555

GitHub Security Advisory for CVE-2009-3555

GHSA-f7w7-6pjc-wwm6 · Severity: critical · Ecosystem: maven — Apache Tomcat affected by vulnerability in TLS and SSL protocol

OS Trackers for CVE-2009-3555

vendor priority summary link
debian not yet assigned CVE-2009-3555 not yet assigned priority: Debian including 7 source packages (apache2, lighttpd, …), 34 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 34. https://security-tracker.debian.org/tracker/CVE-2009-3555
gentoo high CVE-2009-3555: 9 GLSA(s) (200912-01, 201006-18, …), 23 atom(s) (app-emulation/emul-linux-x86-java, dev-java/icedtea-bin, …); latest impact high. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2009-3555
redhat medium https://access.redhat.com/security/cve/CVE-2009-3555
suse medium CVE-2009-3555 severity moderate: SUSE including 326 source package names (MozillaFirefox, MozillaFirefox-10.0-0.3.2, …), 441 product×package rows across 41 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (41 product lines)): Fixed 428, Known Not Affected 12, Will Not Fix 1. https://www.suse.com/security/cve/CVE-2009-3555/
ubuntu medium CVE-2009-3555 medium priority: Ubuntu including 10 source packages (apache2, gnutls12, …), 70 status rows across 8 suites (dapper, hardy, intrepid, jaunty, karmic, lucid, maverick, upstream): released 32, DNE 23, ignored 9, not-affected 3, needed 2, needs-triage 1. https://ubuntu.com/security/CVE-2009-3555

Vendor comments (NVD) for CVE-2009-3555

  • Red Hat (2009-11-20T00:00:00)

    Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3555 Additional information can be found in the Red Hat Knowledgebase article: http://kbase.redhat.com/faq/docs/DOC-20491

Affected software / configurations for CVE-2009-3555

Vendor Product Version Raw CPE
apache http_server <= 2.2.14 cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
gnu gnutls <= 2.8.5 cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*
mozilla nss <= 3.12.4 cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*
openssl openssl <= 0.9.8k cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
openssl openssl 1.0 cpe:2.3:a:openssl:openssl:1.0:*:openvms:*:*:*:*:*
canonical ubuntu_linux 8.04 cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 8.10 cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
canonical ubuntu_linux 9.04 cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
canonical ubuntu_linux 9.10 cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
canonical ubuntu_linux 10.04 cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 10.10 cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
debian debian_linux 4.0 cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
debian debian_linux 5.0 cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
debian debian_linux 6.0 cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
fedoraproject fedora 11 cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
fedoraproject fedora 12 cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
fedoraproject fedora 13 cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
fedoraproject fedora 14 cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
f5 nginx >= 0.1.0, <= 0.8.22 cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*

References for CVE-2009-3555

URL Tags
http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html Broken Link
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html Third Party Advisory
http://blogs.iss.net/archive/sslmitmiscsrf.html Broken Link
http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during Third Party Advisory
http://clicky.me/tlsvuln Exploit Third Party Advisory
http://extendedsubset.com/?p=8 Broken Link
http://extendedsubset.com/Renegotiating_TLS.pdf Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686 Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041 Broken Link
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 Broken Link
http://kbase.redhat.com/faq/docs/DOC-20491 Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html Third Party Advisory
http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html Third Party Advisory
http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=126150535619567&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=127128920008563&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=127419602507642&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=127557596201693&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=132077688910227&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=133469267822771&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=134254866602253&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2 Third Party Advisory
http://marc.info/?l=cryptography&m=125752275331877&w=2 Third Party Advisory
http://openbsd.org/errata45.html#010_openssl Third Party Advisory
http://openbsd.org/errata46.html#004_openssl Third Party Advisory
http://osvdb.org/60521 Broken Link
http://osvdb.org/60972 Broken Link
http://osvdb.org/62210 Broken Link
http://osvdb.org/65202 Broken Link
http://seclists.org/fulldisclosure/2009/Nov/139 Mailing List Third Party Advisory
http://secunia.com/advisories/37291 Third Party Advisory
http://secunia.com/advisories/37292 Third Party Advisory
http://secunia.com/advisories/37320 Third Party Advisory
http://secunia.com/advisories/37383 Third Party Advisory
http://secunia.com/advisories/37399 Third Party Advisory
http://secunia.com/advisories/37453 Third Party Advisory
http://secunia.com/advisories/37501 Third Party Advisory
http://secunia.com/advisories/37504 Third Party Advisory
http://secunia.com/advisories/37604 Third Party Advisory
http://secunia.com/advisories/37640 Third Party Advisory
http://secunia.com/advisories/37656 Third Party Advisory
http://secunia.com/advisories/37675 Third Party Advisory
http://secunia.com/advisories/37859 Third Party Advisory
http://secunia.com/advisories/38003 Third Party Advisory
http://secunia.com/advisories/38020 Third Party Advisory
http://secunia.com/advisories/38056 Third Party Advisory
http://secunia.com/advisories/38241 Third Party Advisory
http://secunia.com/advisories/38484 Third Party Advisory
http://secunia.com/advisories/38687 Third Party Advisory
http://secunia.com/advisories/38781 Third Party Advisory
http://secunia.com/advisories/39127 Third Party Advisory
http://secunia.com/advisories/39136 Third Party Advisory
http://secunia.com/advisories/39242 Third Party Advisory
http://secunia.com/advisories/39243 Third Party Advisory
http://secunia.com/advisories/39278 Third Party Advisory
http://secunia.com/advisories/39292 Third Party Advisory
http://secunia.com/advisories/39317 Third Party Advisory
http://secunia.com/advisories/39461 Third Party Advisory
http://secunia.com/advisories/39500 Third Party Advisory
http://secunia.com/advisories/39628 Third Party Advisory
http://secunia.com/advisories/39632 Third Party Advisory
http://secunia.com/advisories/39713 Third Party Advisory
http://secunia.com/advisories/39819 Third Party Advisory
http://secunia.com/advisories/40070 Third Party Advisory
http://secunia.com/advisories/40545 Third Party Advisory
http://secunia.com/advisories/40747 Third Party Advisory
http://secunia.com/advisories/40866 Third Party Advisory
http://secunia.com/advisories/41480 Third Party Advisory
http://secunia.com/advisories/41490 Third Party Advisory
http://secunia.com/advisories/41818 Third Party Advisory
http://secunia.com/advisories/41967 Third Party Advisory
http://secunia.com/advisories/41972 Third Party Advisory
http://secunia.com/advisories/42377 Third Party Advisory
http://secunia.com/advisories/42379 Third Party Advisory
http://secunia.com/advisories/42467 Third Party Advisory
http://secunia.com/advisories/42724 Third Party Advisory
http://secunia.com/advisories/42733 Third Party Advisory
http://secunia.com/advisories/42808 Third Party Advisory
http://secunia.com/advisories/42811 Third Party Advisory
http://secunia.com/advisories/42816 Third Party Advisory
http://secunia.com/advisories/43308 Third Party Advisory
http://secunia.com/advisories/44183 Third Party Advisory
http://secunia.com/advisories/44954 Third Party Advisory
http://secunia.com/advisories/48577 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200912-01.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-201203-22.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory
http://securitytracker.com/id?1023148 Third Party Advisory VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 Broken Link
http://support.apple.com/kb/HT4004 Third Party Advisory
http://support.apple.com/kb/HT4170 Third Party Advisory
http://support.apple.com/kb/HT4171 Third Party Advisory
http://support.avaya.com/css/P8/documents/100070150 Third Party Advisory
http://support.avaya.com/css/P8/documents/100081611 Third Party Advisory
http://support.avaya.com/css/P8/documents/100114315 Third Party Advisory
http://support.avaya.com/css/P8/documents/100114327 Third Party Advisory
http://support.citrix.com/article/CTX123359 Third Party Advisory
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES Broken Link
http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released Broken Link
http://sysoev.ru/nginx/patch.cve-2009-3555.txt Broken Link
http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html Broken Link
http://ubuntu.com/usn/usn-923-1 Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0155 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21426108 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21432298 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24006386 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24025312 Third Party Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only Third Party Advisory
http://www.arubanetworks.com/support/alerts/aid-020810.txt Broken Link
http://www.betanews.com/article/1257452450 Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml Third Party Advisory
http://www.debian.org/security/2009/dsa-1934 Third Party Advisory
http://www.debian.org/security/2011/dsa-2141 Third Party Advisory
http://www.debian.org/security/2015/dsa-3253 Third Party Advisory
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html Third Party Advisory
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html Third Party Advisory
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html Third Party Advisory
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html Third Party Advisory
http://www.ingate.com/Relnote.php?ver=481 Third Party Advisory
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 Third Party Advisory
http://www.kb.cert.org/vuls/id/120541 Third Party Advisory US Government Resource
http://www.links.org/?p=780 Third Party Advisory
http://www.links.org/?p=786 Third Party Advisory
http://www.links.org/?p=789 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:076 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:089 Broken Link
http://www.mozilla.org/security/announce/2010/mfsa2010-22.html Third Party Advisory
http://www.openoffice.org/security/cves/CVE-2009-3555.html Third Party Advisory
http://www.openssl.org/news/secadv_20091111.txt Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/05/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/05/5 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/06/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/07/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/20/1 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/23/10 Mailing List Third Party Advisory
http://www.opera.com/docs/changelogs/unix/1060/ Third Party Advisory
http://www.opera.com/support/search/view/944/ Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html Third Party Advisory
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0119.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0130.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0155.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0165.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0167.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0337.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0338.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0339.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0768.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0770.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0786.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0807.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0865.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0986.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0987.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0880.html Third Party Advisory
http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html Third Party Advisory
http://www.securityfocus.com/archive/1/507952/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/508075/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/508130/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/515055/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/516397/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/522176 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/36935 Exploit Patch Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023163 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023204 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023205 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023206 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023207 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1023208 Third Party Advisory VDB Entry
cvelogic Threat Intelligence