{"id":"CVE-2009-1490","details":"Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.","modified":"2026-01-27T04:09:47.250280Z","published":"2009-05-05T19:30:00Z","withdrawn":"2026-01-27T04:09:47.250280Z","references":[{"type":"FIX","url":"http://www.sendmail.org/releases/8.13.2"},{"type":"ARTICLE","url":"http://www.nmrc.org/~thegnome/blog/apr09/"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"}],"schema_version":"1.7.3"}