Podatność CVE-2009-0689

Podatność CVE-2009-0689

Publikacja: 2009-07-01 Modyfikacja: 2012-02-13

Opis:

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

	Tytuł	Autor	Data
High	Multiple Vendors libc/gdtoa printf(3) Array Overrun	Maksymilian Arci...	27.06.2009
High	K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	24.11.2009
High	KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	24.11.2009
High	Opera 10.01 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	24.11.2009
High	SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	20.11.2009
High	Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	14.12.2009
High	Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	14.12.2009
High	Sunbird 0.9 Array Overrun (code execution)	Maksymilian Arci...	14.12.2009
High	Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution)	Maksymilian Arci...	14.12.2009
High	J 6.02.023 Array Overrun (code execution)	Maksymilian Arci...	08.01.2010
High	Matlab R2009b Array Overrun (code execution)	Maksymilian Arci...	08.01.2010
High	MacOS X 10.5/10.6 libc/strtod(3) buffer overflow	Maksymilian Arci...	08.01.2010

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
6.8/10	6.4/10	8.6/10

Wymagany dostęp	Złożoność ataku	Autoryzacja
Zdalny	Średnia	Nie wymagana
Wpływ na poufność	Wpływ na integralność	Wpływ na dostępność
Częściowy	Częściowy	Częściowy

Affected software
Openbsd -> Openbsd
Netbsd -> Netbsd
Mozilla -> Firefox
Mozilla -> Seamonkey
K-meleon project -> K-meleon
Freebsd -> Freebsd

Referencje:

http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

http://rhn.redhat.com/errata/RHSA-2014-0311.html

http://rhn.redhat.com/errata/RHSA-2014-0312.html

http://securityreason.com/achievement_securityalert/63

http://securityreason.com/achievement_securityalert/69

http://securityreason.com/achievement_securityalert/71

http://securityreason.com/achievement_securityalert/72

http://securityreason.com/achievement_securityalert/73

http://securityreason.com/achievement_securityalert/75

http://securityreason.com/achievement_securityalert/76

http://securityreason.com/achievement_securityalert/77

http://securityreason.com/achievement_securityalert/78

http://securityreason.com/achievement_securityalert/81

http://securitytracker.com/id?1022478

http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1

http://support.apple.com/kb/HT4077

http://support.apple.com/kb/HT4225

http://www.mandriva.com/security/advisories?name=MDVSA-2009:294

http://www.mandriva.com/security/advisories?name=MDVSA-2009:330

http://www.mozilla.org/security/announce/2009/mfsa2009-59.html

http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c

http://www.opera.com/support/kb/view/942/

http://www.redhat.com/support/errata/RHSA-2009-1601.html

http://www.redhat.com/support/errata/RHSA-2010-0153.html

http://www.redhat.com/support/errata/RHSA-2010-0154.html

http://www.securityfocus.com/archive/1/507977/100/0/threaded

http://www.securityfocus.com/archive/1/507979/100/0/threaded

http://www.securityfocus.com/archive/1/508417/100/0/threaded

http://www.securityfocus.com/archive/1/508423/100/0/threaded

http://www.securityfocus.com/bid/35510

http://www.ubuntu.com/usn/USN-915-1

http://www.vupen.com/english/advisories/2009/3297

http://www.vupen.com/english/advisories/2009/3299

http://www.vupen.com/english/advisories/2009/3334

http://www.vupen.com/english/advisories/2010/0094

http://www.vupen.com/english/advisories/2010/0648

http://www.vupen.com/english/advisories/2010/0650

https://bugzilla.mozilla.org/show_bug.cgi?id=516396

https://bugzilla.mozilla.org/show_bug.cgi?id=516862

https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541

Podatność CVE-2009-0689

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

High

High

High

High

High

High

High

High

High

High

High

High

CWE-119

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

6.8/10

6.4/10

8.6/10

Zdalny

Średnia

Nie wymagana

Częściowy

Częściowy

Częściowy

Affected software

Referencje: