CVE-2009-0689

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

References

http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

http://rhn.redhat.com/errata/RHSA-2014-0311.html

http://rhn.redhat.com/errata/RHSA-2014-0312.html

http://secunia.com/advisories/37431

http://secunia.com/advisories/37682

http://secunia.com/advisories/37683

http://secunia.com/advisories/38066

http://secunia.com/advisories/38977

http://secunia.com/advisories/39001

http://secunia.com/secunia_research/2009-35/

http://securityreason.com/achievement_securityalert/63

http://securityreason.com/achievement_securityalert/69

http://securityreason.com/achievement_securityalert/71

http://securityreason.com/achievement_securityalert/72

http://securityreason.com/achievement_securityalert/73

http://securityreason.com/achievement_securityalert/75

http://securityreason.com/achievement_securityalert/76

http://securityreason.com/achievement_securityalert/77

http://securityreason.com/achievement_securityalert/78

http://securityreason.com/achievement_securityalert/81

http://securitytracker.com/id?1022478

http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1

http://support.apple.com/kb/HT4077

http://support.apple.com/kb/HT4225

http://www.mandriva.com/security/advisories?name=MDVSA-2009:294

http://www.mandriva.com/security/advisories?name=MDVSA-2009:330

http://www.mozilla.org/security/announce/2009/mfsa2009-59.html

http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c

http://www.opera.com/support/kb/view/942/

http://www.redhat.com/support/errata/RHSA-2009-1601.html

http://www.redhat.com/support/errata/RHSA-2010-0153.html

http://www.redhat.com/support/errata/RHSA-2010-0154.html

http://www.securityfocus.com/archive/1/507977/100/0/threaded

http://www.securityfocus.com/archive/1/507979/100/0/threaded

http://www.securityfocus.com/archive/1/508417/100/0/threaded

http://www.securityfocus.com/archive/1/508423/100/0/threaded

http://www.securityfocus.com/bid/35510

http://www.ubuntu.com/usn/USN-915-1

http://www.vupen.com/english/advisories/2009/3297

http://www.vupen.com/english/advisories/2009/3299

http://www.vupen.com/english/advisories/2009/3334

http://www.vupen.com/english/advisories/2010/0094

http://www.vupen.com/english/advisories/2010/0648

http://www.vupen.com/english/advisories/2010/0650

https://bugzilla.mozilla.org/show_bug.cgi?id=516396

https://bugzilla.mozilla.org/show_bug.cgi?id=516862

https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541

Details

Source: MITRE

Published: 2009-07-01

Updated: 2018-11-02

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:k-meleon_project:k-meleon:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:release:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:release_p2:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:release_p3:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:release_p5:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:7.2:stable:*:*:*:*:*:*

cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*

cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*

Tenable Plugins

View all (90 total)

IDNameProductFamilySeverity
118597Debian DLA-1564-1 : mono security updateNessusDebian Local Security Checks
medium
95452SUSE SLES11 Security Update : mono-core (SUSE-SU-2016:2958-1)NessusSuSE Local Security Checks
high
89735VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0001) (remote check)NessusVMware ESX Local Security Checks
critical
88454SUSE SLED11 / SLES11 Security Update : mono-core (SUSE-SU-2016:0257-1)NessusSuSE Local Security Checks
high
87693FreeBSD : mono -- DoS and code execution (4b3a7e70-afce-11e5-b864-14dae9d210b8)NessusFreeBSD Local Security Checks
medium
87682Debian DLA-376-1 : mono security updateNessusDebian Local Security Checks
medium
79002RHEL 5 : php (RHSA-2014:0312)NessusRed Hat Local Security Checks
medium
73115Scientific Linux Security Update : php on SL5.x i386/x86_64 (20140318)NessusScientific Linux Local Security Checks
medium
73091RHEL 5 : php (RHSA-2014:0311)NessusRed Hat Local Security Checks
medium
73089Oracle Linux 5 : php (ELSA-2014-0311)NessusOracle Linux Local Security Checks
medium
73085CentOS 5 : php (CESA-2014:0311)NessusCentOS Local Security Checks
medium
71226SuSE 11.2 / 11.3 Security Update : ruby (SAT Patch Numbers 8578 / 8579)NessusSuSE Local Security Checks
medium
68015Oracle Linux 4 : thunderbird (ELSA-2010-0154)NessusOracle Linux Local Security Checks
critical
67962Oracle Linux 4 / 5 : kdelibs (ELSA-2009-1601)NessusOracle Linux Local Security Checks
medium
67949Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1531)NessusOracle Linux Local Security Checks
critical
67948Oracle Linux 4 / 5 : firefox (ELSA-2009-1530)NessusOracle Linux Local Security Checks
critical
67077CentOS 4 / 5 : kdelibs (CESA-2009:1601)NessusCentOS Local Security Checks
medium
63923RHEL 5 : thunderbird (RHSA-2010:0153)NessusRed Hat Local Security Checks
critical
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60750Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60696Scientific Linux Security Update : kdelibs on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60685Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60683Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
49897SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6617)NessusSuSE Local Security Checks
critical
49895SuSE 10 Security Update : mozilla-nspr (ZYPP Patch Number 6631)NessusSuSE Local Security Checks
medium
49887SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6609)NessusSuSE Local Security Checks
critical
49866SuSE 10 Security Update : kdelibs3 (ZYPP Patch Number 6692)NessusSuSE Local Security Checks
medium
48171Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:028)NessusMandriva Local Security Checks
high
48170Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)NessusMandriva Local Security Checks
high
48157Mandriva Linux Security Advisory : firefox (MDVSA-2009:294)NessusMandriva Local Security Checks
critical
5578Apple iOS < 4.0 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
critical
46687openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)NessusSuSE Local Security Checks
critical
46686openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)NessusSuSE Local Security Checks
critical
46685SuSE9 Security Update : epiphany (YOU Patch Number 12616)NessusSuSE Local Security Checks
critical
46271RHEL 4 : thunderbird (RHSA-2010:0154)NessusRed Hat Local Security Checks
critical
45521Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071)NessusMandriva Local Security Checks
critical
5489Mac OS X < 10.6.3 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
45376openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)NessusSuSE Local Security Checks
critical
45375openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)NessusSuSE Local Security Checks
critical
45373Mac OS X Multiple Vulnerabilities (Security Update 2010-002)NessusMacOS X Local Security Checks
critical
45372Mac OS X 10.6.x < 10.6.3 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
45361CentOS 5 : thunderbird (CESA-2010:0153)NessusCentOS Local Security Checks
critical
45114FreeBSD : mozilla -- multiple vulnerabilities (56cfe192-329f-11df-abb2-000f20797ede)NessusFreeBSD Local Security Checks
critical
5480Mozilla Thunderbird < 2.0.0.24 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
5479SeaMonkey < 1.1.19 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
45111SeaMonkey < 1.1.19 Multiple VulnerabilitiesNessusWindows
high
45110Mozilla Thunderbird < 2.0.0.24 Multiple VulnerabilitiesNessusWindows
high
45108Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1)NessusUbuntu Local Security Checks
critical
45093CentOS 4 : thunderbird (CESA-2010:0154)NessusCentOS Local Security Checks
critical
44862Debian DSA-1998-1 : kdelibs - buffer overflowNessusDebian Local Security Checks
medium
44796Debian DSA-1931-1 : nspr - several vulnerabilitiesNessusDebian Local Security Checks
critical
43858SuSE 11 Security Update : kdelibs4 (SAT Patch Number 1747)NessusSuSE Local Security Checks
medium
43826VMSA-2010-0001 : ESX Service Console and vMA updates for nss and nsprNessusVMware ESX Local Security Checks
critical
43613Mandriva Linux Security Advisory : kde (MDVSA-2009:346)NessusMandriva Local Security Checks
critical
43379SuSE9 Security Update : kdelibs3 (YOU Patch Number 12563)NessusSuSE Local Security Checks
medium
43109Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : kdelibs vulnerabilities (USN-871-1)NessusUbuntu Local Security Checks
medium
43057SuSE 10 Security Update : kdelibs3 (ZYPP Patch Number 6691)NessusSuSE Local Security Checks
medium
43056SuSE 11 Security Update : kdelibs3 (SAT Patch Number 1639)NessusSuSE Local Security Checks
medium
42992Mandriva Linux Security Advisory : firefox (MDVSA-2009:290-1)NessusMandriva Local Security Checks
critical
42967FreeBSD : opera -- multiple vulnerabilities (6431c4db-deb4-11de-9078-0030843d3802)NessusFreeBSD Local Security Checks
medium
42927openSUSE Security Update : opera (opera-1599)NessusSuSE Local Security Checks
medium
42924openSUSE Security Update : opera (opera-1599)NessusSuSE Local Security Checks
medium
42922openSUSE Security Update : opera (opera-1599)NessusSuSE Local Security Checks
medium
42892Opera < 10.10 Multiple VulnerabilitiesNessusWindows
high
42890RHEL 4 / 5 : kdelibs (RHSA-2009:1601)NessusRed Hat Local Security Checks
medium
800847Opera < 10.10 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5241Opera < 10.10 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
42474Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 regression (USN-853-2)NessusUbuntu Local Security Checks
critical
42421SuSE 10 Security Update : mozilla-nspr (ZYPP Patch Number 6630)NessusSuSE Local Security Checks
medium
42420SuSE 11 Security Update : Mozilla (SAT Patch Number 1503)NessusSuSE Local Security Checks
medium
42418openSUSE Security Update : mozilla-nspr (mozilla-nspr-1510)NessusSuSE Local Security Checks
medium
42416openSUSE Security Update : mozilla-nspr (mozilla-nspr-1510)NessusSuSE Local Security Checks
medium
42391openSUSE Security Update : MozillaFirefox (MozillaFirefox-1499)NessusSuSE Local Security Checks
critical
42388openSUSE Security Update : MozillaFirefox (MozillaFirefox-1499)NessusSuSE Local Security Checks
critical
42383Fedora 10 : Miro-2.0.5-5.fc10 / blam-1.8.5-15.fc10 / epiphany-2.24.3-11.fc10 / etc (2009-10981)NessusFedora Local Security Checks
critical
42366SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6616)NessusSuSE Local Security Checks
critical
42365SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6606)NessusSuSE Local Security Checks
critical
42364SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 1493)NessusSuSE Local Security Checks
critical
42363SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1488)NessusSuSE Local Security Checks
critical
42335Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 vulnerabilities (USN-853-1)NessusUbuntu Local Security Checks
critical
42306Firefox 3.5.x < 3.5.4 Multiple VulnerabilitiesNessusWindows
high
42305Firefox < 3.0.15 Multiple VulnerabilitiesNessusWindows
high
42298FreeBSD : mozilla -- multiple vulnerabilities (c87aa2d2-c3c4-11de-ab08-000f20797ede)NessusFreeBSD Local Security Checks
critical
42297Fedora 11 : Miro-2.5.2-5.fc11 / blam-1.8.5-15.fc11 / chmsee-1.0.1-12.fc11 / eclipse-3.4.2-17.fc11 / etc (2009-10878)NessusFedora Local Security Checks
critical
42296CentOS 3 / 4 : seamonkey (CESA-2009:1531)NessusCentOS Local Security Checks
critical
42295CentOS 4 : firefox (CESA-2009:1530)NessusCentOS Local Security Checks
critical
42288RHEL 3 / 4 : seamonkey (RHSA-2009:1531)NessusRed Hat Local Security Checks
critical
42287RHEL 4 / 5 : firefox (RHSA-2009:1530)NessusRed Hat Local Security Checks
critical
5193Google Chrome < 3.0.195.24 RCENessus Network MonitorWeb Clients
medium
41958Google Chrome < 3.0.195.24 dtoa Implementation Remote OverflowNessusWindows
medium