CVE-2009-1417

EPSS 0.58% · P69 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1417

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GnuTLS "gnutls-cli" 远程安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GnuTLS是用于实现TLS加密协议的函数库。 GnuTLS中的多个安全漏洞可能被远程利用执行欺骗攻击、绕过某些安全限制或导致拒绝服务。 gnutls-cli应用没有正确地检查X.509证书的激活和过期日期，可能诱骗应用程序接受无效的证书。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-1417

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-1417

请登录查看更多情报信息。

http://www.securityfocus.com/bid/34783vdb-entryx_refsource_BID
http://secunia.com/advisories/34842third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35211third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1022159vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2009/1218vdb-entryx_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200905-04.xmlvendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/50261vdb-entryx_refsource_XF
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2009-1417

Same Patch Batch · n/a · 2009-04-30 · 16 CVEs total

CVE-2009-1313		Mozilla Firefox 资源管理错误漏洞
CVE-2009-0663		Cmu Perl DBD::Pg 'pg_getline()' 和'getline()'堆缓冲区溢出漏洞
CVE-2009-1255		Memcached和MemcacheDB stats maps命令信息泄露漏洞
CVE-2009-1291		TIBCO SmartSockets的RTserver组件栈溢出漏洞
CVE-2009-1295		Apport 本地任意文件删除漏洞
CVE-2009-1339		twiki 会话劫持和跨站请求伪造漏洞
CVE-2009-1341		Debian Perl DBD::Pg 'quote.c'内存泄露漏洞
CVE-2009-1348		McAfee Products 'RAR/ZIP'文件扫描绕过漏洞
CVE-2009-1415		GnuTLS 函数库libgnutls "lib/pk-libgcrypt.c" 远程安全漏洞
CVE-2009-1416		GnuTLS 函数库libgnutls "lib/gnutls_pk.c" 远程安全漏洞
CVE-2009-1432		Symantec Reporting Server 输入验证错误漏洞
CVE-2009-1434		Foswiki 会话劫持和跨站请求伪造漏洞
CVE-2009-1492		Adobe Reader "JavaScript API" 远程代码执行漏洞
CVE-2009-1493		Adobe Reader "JavaScript API" 方法customDictionaryOpen远程代码执行漏洞
CVE-2009-1494		memcached 'process_stat'函数信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-1417

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-1417

I. Basic Information for CVE-2009-1417

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-1417

III. Intelligence Information for CVE-2009-1417

Same Patch Batch · n/a · 2009-04-30 · 16 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-1417

Leave a comment