[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

88036

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2009-0689Date: (C)2009-07-01   (M)2018-06-20


Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1022478
http://securityreason.com/achievement_securityalert/63
http://securityreason.com/achievement_securityalert/69
http://www.securityfocus.com/archive/1/archive/1/507977/100/0/threaded
http://securityreason.com/achievement_securityalert/73
http://www.securityfocus.com/archive/1/archive/1/507979/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/508423/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/508417/100/0/threaded
http://securityreason.com/achievement_securityalert/76
http://securityreason.com/achievement_securityalert/75
http://securityreason.com/achievement_securityalert/77
http://securityreason.com/achievement_securityalert/78
http://securityreason.com/achievement_securityalert/81
SUNALERT-272909
BID-35510
SECUNIA-37431
SECUNIA-37682
SECUNIA-37683
SECUNIA-38066
SECUNIA-38977
SECUNIA-39001
ADV-2009-3297
ADV-2009-3299
ADV-2009-3334
ADV-2010-0094
ADV-2010-0648
ADV-2010-0650
APPLE-SA-2010-03-29-1
APPLE-SA-2010-06-21-1
MDVSA-2009:294
MDVSA-2009:330
RHSA-2009:1601
RHSA-2010:0153
RHSA-2010:0154
RHSA-2014:0311
RHSA-2014:0312
SUSE-SR:2009:018
SUSE-SR:2010:013
USN-915-1
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h
http://secunia.com/secunia_research/2009-35/
http://support.apple.com/kb/HT4077
http://support.apple.com/kb/HT4225
http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c
http://www.opera.com/support/kb/view/942/
https://bugzilla.mozilla.org/show_bug.cgi?id=516396
https://bugzilla.mozilla.org/show_bug.cgi?id=516862

CPE    22
cpe:/o:openbsd:openbsd:4.5
cpe:/o:freebsd:freebsd:7.2
cpe:/o:freebsd:freebsd:6.4
cpe:/a:mozilla:seamonkey:1.1.8
...
CWE    1
CWE-119
OVAL    27
oval:org.secpod.oval:def:100242
oval:org.secpod.oval:def:300796
oval:org.secpod.oval:def:109898
oval:org.secpod.oval:def:202192
...

© SecPod Technologies