| CVE |  | CVE-2009-0689 |
| Статус | | UNKNOWN |
| Описание | | Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. |
| Важность | | Medium |
| CVSS score | | 6,8 |
| CVSS vector | | (AV:N/AC:M/Au:N/C:P/I:P/A:P) |
| Phase | | ASSIGNED (15.11.2010) |
| NVD: | | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0689 |
| References |  | APPLE : APPLE-SA-2010-03-29-1 |
| | | APPLE : APPLE-SA-2010-06-21-1 |
| | | BID : 35510 |
| | | BUGTRAQ : 20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) |
| | | BUGTRAQ : 20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) |
| | | BUGTRAQ : 20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) |
| | | BUGTRAQ : 20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) |
| | | CONFIRM : http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/g... |
| | | CONFIRM : http://support.apple.com/kb/HT4077 |
| | | CONFIRM : http://support.apple.com/kb/HT4225 |
| | | CONFIRM : http://www.mozilla.org/security/announce/2009/mfsa... |
| | | CONFIRM : http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc... |
| | | CONFIRM : http://www.opera.com/support/kb/view/942/ |
| | | CONFIRM : https://bugzilla.mozilla.org/show_bug.cgi?id=516396 |
| | | CONFIRM : https://bugzilla.mozilla.org/show_bug.cgi?id=516862 |
| | | MANDRIVA : MDVSA-2009:294 |
| | | MANDRIVA : MDVSA-2009:330 |
| | | MISC : http://secunia.com/secunia_research/2009-35/ |
| | | OVAL : oval:org.mitre.oval:def:6528 |
| | | OVAL : oval:org.mitre.oval:def:9541 |
| | | REDHAT : RHSA-2009:1601 |
| | | REDHAT : RHSA-2010:0153 |
| | | REDHAT : RHSA-2010:0154 |
| | | SECTRACK : 1022478 |
| | | SECUNIA : 37431 |
| | | SECUNIA : 37682 |
| | | SECUNIA : 37683 |
| | | SECUNIA : 38066 |
| | | SECUNIA : 38977 |
| | | SECUNIA : 39001 |
| | | SREASONRES : 20090625 Multiple Vendors libc/gdtoa printf(3) Array Overrun |
| | | SREASONRES : 20091030 Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities |
| | | SREASONRES : 20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20091120 Opera 10.01 Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20091211 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20091211 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20091211 Sunbird 0.9 Array Overrun (code execution) |
| | | SREASONRES : 20091211 Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution) |
| | | SREASONRES : 20100108 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow |
| | | SUNALERT : 272909 |
| | | SUSE : SUSE-SR:2009:018 |
| | | SUSE : SUSE-SR:2010:013 |
| | | UBUNTU : USN-915-1 |
| | | VUPEN : ADV-2009-3297 |
| | | VUPEN : ADV-2009-3299 |
| | | VUPEN : ADV-2009-3334 |
| | | VUPEN : ADV-2010-0094 |
| | | VUPEN : ADV-2010-0648 |
| | | VUPEN : ADV-2010-0650 |
| SecurityVulns: |  | Переполнение индекса массива в libc BSD-систем (FreeBSD, NetBSD, OpenBSD) |
| | | Многочисленные уязвимости в Mozilla Firefox / Seamonkey |
