vulnerability context

CVE-2009-3476

EPSS 89%CWE-119

Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.

Published 2009-09-29 · last modified 2026-06-16

details

CISA KEV status: Not in catalog
EPSS: 89% percentile (score 0.0410)
CWE: CWE-119
OTX pulses: 0 total, 0 recent

View on NVD → · cve.org

source mentions 1

[CyberHub] 📌 CVE-2009-3476 - Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software...Bluesky:@cyberhub.blog · 2h ago

source consensus

Bluesky:@cyberhub.blog1×

Want the 3-bullet summary of CVE-2009-3476, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →