CVE-2009-0689

Published: 01/07/2009 Updated: 02/11/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 735
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

Vulnerable Product

freebsd freebsd 6.4

openbsd openbsd 4.5

netbsd netbsd 5.0

mozilla firefox 3.0.2

mozilla firefox 3.0.3

mozilla firefox 3.5

mozilla firefox 3.5.1

freebsd freebsd 7.2

mozilla firefox 3.0.13

mozilla firefox 3.0.14

mozilla firefox 3.0.8

mozilla firefox 3.0.9

mozilla firefox 3.0.11

mozilla firefox 3.0.12

mozilla firefox 3.0.6

mozilla firefox 3.0.7

k-meleon project k-meleon 1.5.3

mozilla seamonkey 1.1.8

mozilla firefox 3.0.1

mozilla firefox 3.0.10

mozilla firefox 3.0.4

mozilla firefox 3.0.5

mozilla firefox 3.5.2

mozilla firefox 3.5.3

Vendor Advisories

Debian Bug report logs - #559265 CVE-2009-0689: remote array overrun Package: kdelibs; Maintainer for kdelibs is (unknown); Reported by: Giuseppe Iuculano <iuculano@debian.org> Date: Thu, 3 Dec 2009 08:21:02 UTC Severity: grave Tags: patch, security Fixed in version kdelibs/4:3510dfsg1-3 Done: Debian Qt/KDE Maintain ...
Synopsis Moderate: thunderbird security update Type/Severity Security Advisory: Moderate Topic An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common V ...
Synopsis Moderate: thunderbird security update Type/Severity Security Advisory: Moderate Topic An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common V ...
Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program (CVE-2009-0689, CVE-2009-2463, CVE-2009-3075) ...
A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service (via application crash) or possibly execute arbitrary code with the privileges of the user invoking the program ...
Mozilla Foundation Security Advisory 2009-59: Heap buffer overflow in string to number conversion. Announced October 27, 2009 Reporter Alin Rad Pop Impact Critical Products Firefox Fixed in ...

Exploits

From Full Disclosure: seclists.org/fulldisclosure/2009/Nov/222 [ K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp3x SecurityReason.com Date: - - Dis: 07052009 - - Pub: 20112009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affec ...
source: www.securityfocus.com/bid/37688/info MATLAB is prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the context of affected applications. MATLAB R2009b is affected; other versions may also be vul ...
source: www.securityfocus.com/bid/37687/info Mac OS X is prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the context of affected applications. Mac OS X 105 and 106 are affected; other versions may ...
source: www.securityfocus.com/bid/36851/info Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions. NOTE: This issue was previously covered in BID 36843 (Mozilla Fi ...
source: www.securityfocus.com/bid/37078/info Opera Web Browser is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code. Failed attacks may cause denial-of-service conditions. NOTE: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption ...
source: www.securityfocus.com/bid/37080/info KDE is prone to a remote code-execution vulnerability that affects KDELibs. Successful exploits may allow an attacker to execute arbitrary code. Failed attacks may cause denial-of-service conditions. NOTE: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corr ...
From Full Disclosure: seclists.org/fulldisclosure/2009/Nov/223 [ Opera 1001 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp3x SecurityReason.com Date: - - Dis: 07052009 - - Pub: 20112009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affected Software: - - Opera 1001 - - Opera 1010 Bet ...
From Full Disclosure: seclists.org/fulldisclosure/2009/Dec/253 [ Sunbird 09 Array Overrun (code execution) ] Author: Maksymilian Arciemowicz and sp3x SecurityReason.com Date: - Dis: 07052009 - Pub: 11122009 CVE: CVE-2009-0689 CWE: CWE-199 Risk: High Remote: Yes Affected Software: - Sunbird 09 NOTE: Prior versions may also be a ...
From Full Disclosure: seclists.org/fulldisclosure/2009/Nov/221 [ SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp3x SecurityReason.com Date: - - Dis: 07052009 - - Pub: 20112009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affe ...
source: www.securityfocus.com/bid/35510/info Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the context of affected applications. The following are vulnerable: OpenB ...
[ KDE KDELibs 433 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp3x SecurityReason.com Date: - - Dis: 07052009 - - Pub: 20112009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affected Software: - - KDELibs 433 NOTE: Prior versions may also be af ...
Sunbird version 09 suffers from a remote array overrun that allows for code execution ...
K-Meleon version 1.5.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution ...
Mac OS X version 1063 suffers from a HFS related denial of service vulnerability ...
Camino version 1610 suffers from a remote array overrun that allows for arbitrary code execution ...
KDE KDELibs version 433 suffers from a remote array overrun vulnerability that allows for arbitrary code execution ...
Matlab R2009b suffers from an array overrun vulnerability that allows for code execution ...
Mac OS X versions 105 and 106 suffer from a buffer overflow vulnerability in libc/strtod(3) ...
Flock version 252 suffers from a remote array overrun that allows for arbitrary code execution ...
J version 602023 suffers from an array overrun vulnerability ...
Opera version 1001 suffers from a remote array overrun vulnerability that allows for arbitrary code execution ...
Thunderbird version 20023 suffers from a remote array overrun that allows for arbitrary code execution ...
Sun Solaris 10 libc/*convert (*cvt) suffers from a buffer overflow vulnerability ...
SeaMonkey version 1.1.8 suffers from a remote array overrun vulnerability that allows for arbitrary code execution ...


References

CWE-119
http://www.securityfocus.com/bid/35510
http://securitytracker.com/id?1022478
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c
http://securityreason.com/achievement_securityalert/63
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h
http://securityreason.com/achievement_securityalert/77
http://www.opera.com/support/kb/view/942/
http://www.redhat.com/support/errata/RHSA-2009-1601.html
http://securityreason.com/achievement_securityalert/72
http://www.vupen.com/english/advisories/2009/3297
http://securityreason.com/achievement_securityalert/73
http://secunia.com/advisories/37683
http://secunia.com/advisories/37431
http://securityreason.com/achievement_securityalert/71
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.vupen.com/english/advisories/2009/3299
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://secunia.com/advisories/37682
https://bugzilla.mozilla.org/show_bug.cgi?id=516396
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
https://bugzilla.mozilla.org/show_bug.cgi?id=516862
http://secunia.com/secunia_research/2009-35/
http://securityreason.com/achievement_securityalert/78
http://www.vupen.com/english/advisories/2009/3334
http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
http://securityreason.com/achievement_securityalert/75
http://securityreason.com/achievement_securityalert/76
http://securityreason.com/achievement_securityalert/69
http://secunia.com/advisories/38066
http://www.vupen.com/english/advisories/2010/0094
http://securityreason.com/achievement_securityalert/81
http://secunia.com/advisories/39001
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.vupen.com/english/advisories/2010/0650
http://www.ubuntu.com/usn/USN-915-1
http://www.vupen.com/english/advisories/2010/0648
http://secunia.com/advisories/38977
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://support.apple.com/kb/HT4077
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://support.apple.com/kb/HT4225
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
http://rhn.redhat.com/errata/RHSA-2014-0311.html
http://rhn.redhat.com/errata/RHSA-2014-0312.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528
http://www.securityfocus.com/archive/1/508423/100/0/threaded
http://www.securityfocus.com/archive/1/508417/100/0/threaded
http://www.securityfocus.com/archive/1/507979/100/0/threaded
http://www.securityfocus.com/archive/1/507977/100/0/threaded
https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559265
https://nvd.nist.gov
https://usn.ubuntu.com/915-1/
https://www.exploit-db.com/exploits/10186/