Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-376-1:93013
HistoryDec 30, 2015 - 11:29 a.m.

[SECURITY] [DLA 376-1] mono security update

2015-12-3011:29:31
lists.debian.org
19

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.97 High

EPSS

Percentile

99.7%

JSON

Package : mono
Version : 2.6.7-5.1+deb6u2
CVE ID : CVE-2009-0689

Mono's string-to-double parser may crash, on specially crafted input. This
could theoretically lead to arbitrary code execution.

This issue has been fixed in Debian 6 Squeeze with the version
2.6.7-5.1+deb6u2 of mono. We recommend that you upgrade your
mono packages.


Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian8armhflibmonoboehm-2.0-1-dbg< 3.2.8+dfsg-10+deb8u1libmonoboehm-2.0-1-dbg_3.2.8+dfsg-10+deb8u1_armhf.deb
Debian5hppakdelibs4c2a< 4:3.5.10.dfsg.1-0lenny4kdelibs4c2a_4:3.5.10.dfsg.1-0lenny4_hppa.deb
Debian8alllibmono-compilerservices-symbolwriter4.0-cil< 3.2.8+dfsg-10+deb8u1libmono-compilerservices-symbolwriter4.0-cil_3.2.8+dfsg-10+deb8u1_all.deb
Debian5mipsellibnspr4-0d-dbg< 4.7.1-5libnspr4-0d-dbg_4.7.1-5_mipsel.deb
Debian5i386libnspr4-dev< 4.7.1-5libnspr4-dev_4.7.1-5_i386.deb
Debian5mipselkdelibs-dbg< 4:3.5.10.dfsg.1-0lenny4kdelibs-dbg_4:3.5.10.dfsg.1-0lenny4_mipsel.deb
Debian8alllibmono-system-web-webpages-deployment2.0-cil< 3.2.8+dfsg-10+deb8u1libmono-system-web-webpages-deployment2.0-cil_3.2.8+dfsg-10+deb8u1_all.deb
Debian5sparclibnspr4-0d-dbg< 4.7.1-5libnspr4-0d-dbg_4.7.1-5_sparc.deb
Debian8i386libmonoboehm-2.0-1< 3.2.8+dfsg-10+deb8u1libmonoboehm-2.0-1_3.2.8+dfsg-10+deb8u1_i386.deb
Debian8alllibmono-system-data-linq2.0-cil< 3.2.8+dfsg-10+deb8u1libmono-system-data-linq2.0-cil_3.2.8+dfsg-10+deb8u1_all.deb
Rows per page:
1-10 of 4491

Related

nessus 56
securityvulns 11
packetstorm 13
openvas 60
osv 3
mageia 1
centos 3
seebug 13
prion 1
redhat 4
opera 1
debiancve 1
veracode 1
fedora 2
threatpost 1
cve 2
debian 4
exploitpack 5
mozilla 1
freebsd 3
oraclelinux 2
ubuntu 2
chrome 1
exploitdb 5
ubuntucve 1
hackerone 1
suse 1
nessus
nessus
Fedora 23 : mono-4.0.5-2.fc23 (2015-6dec4e6d5f)
2016-03-04 00:00:00
Debian DSA-1998-1 : kdelibs - buffer overflow
2010-02-24 00:00:00
SuSE 10 Security Update : kdelibs3 (ZYPP Patch Number 6691)
2009-12-08 00:00:00
securityvulns
securityvulns
Flock 2.5.2 Remote Array Overrun &#40;Arbitrary code execution&#41;
2009-12-15 00:00:00
BSD-based systems &#40;FreeBSD, NetBSD, OpenBSD&#41; index array overflow
2010-01-08 00:00:00
Sun Solaris 10 libc/*convert &#40;*cvt&#41; buffer overflow
2010-05-27 00:00:00
packetstorm
packetstorm
Sun Solaris 10 libc/*convert Buffer Overflow
2010-05-22 00:00:00
Flock 2.5.2 Remote Array Overrun
2009-12-12 00:00:00
Matlab R2009b Array Overrun
2010-01-09 00:00:00
openvas
openvas
SLES11: Security update for Mozilla
2009-11-11 00:00:00
SLES11: Security update for kdelibs3
2009-12-14 00:00:00
SLES10: Security update for mozilla-nspr
2009-11-11 00:00:00
osv
osv
mono - security update
2018-11-01 00:00:00
kdelibs - arbitrary code execution
2010-02-17 00:00:00
mono - security update
2015-12-30 00:00:00
mageia
mageia
Updated mono packages fix security vulnerability
2016-01-14 04:44:39
centos
centos
kdelibs security update
2009-11-25 14:52:10
php security update
2014-03-19 01:15:26
seamonkey security update
2009-10-28 13:15:48
seebug
seebug
多个BSD系统gdtoa/misc.c文件内存破坏漏洞
2009-06-30 00:00:00
Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞
2010-05-25 00:00:00
KDE KDELibs 'dtoa()'远程代码执行漏洞
2009-11-24 00:00:00
prion
prion
Heap overflow
2009-07-01 13:00:00
redhat
redhat
(RHSA-2009:1601) Critical: kdelibs security update
2009-11-24 00:00:00
(RHSA-2014:0312) Critical: php security update
2014-03-18 00:00:00
(RHSA-2014:0311) Critical: php security update
2014-03-18 00:00:00
opera
opera
Heap buffer overflow in string to number conversion
2009-11-20 00:00:00
debiancve
debiancve
CVE-2009-0689
2009-07-01 13:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:58:49
fedora
fedora
[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23
2015-12-29 22:26:22
[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11
2010-04-21 21:53:31
threatpost
threatpost
'High Risk' Flaw Fixed in Google Chrome
2009-10-06 22:32:02
cve
cve
CVE-2009-0689
2009-07-01 13:00:00
CVE-2009-1563
2009-10-29 14:30:00
debian
debian
[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution
2010-02-17 18:25:18
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:26:53
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:24:14
exploitpack
exploitpack
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
Opera 10.01 - Remote Array Overrun
2009-11-19 00:00:00
SeaMonkey 1.1.8 - Remote Array Overrun
2009-11-19 00:00:00
mozilla
mozilla
Heap buffer overflow in string to number conversion — Mozilla
2009-10-27 00:00:00
freebsd
freebsd
mono -- DoS and code execution
2015-12-19 00:00:00
opera -- multiple vulnerabilities
2009-11-23 00:00:00
mozilla -- multiple vulnerabilities
2010-03-16 00:00:00
oraclelinux
oraclelinux
kdelibs security update
2009-11-24 00:00:00
php security update
2014-03-18 00:00:00
ubuntu
ubuntu
KDE vulnerabilities
2009-12-11 00:00:00
Thunderbird vulnerabilities
2010-03-18 00:00:00
chrome
chrome
Stable Channel Update
2009-09-30 00:00:00
exploitdb
exploitdb
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
K-Meleon 1.5.3 - Remote Array Overrun
2009-11-19 00:00:00
KDE KDELibs 4.3.3 - Remote Array Overrun
2009-11-19 00:00:00
ubuntucve
ubuntucve
CVE-2009-0689
2009-07-01 00:00:00
hackerone
hackerone
Ruby: Ruby: Heap Overflow in Floating Point Parsing
2013-11-22 00:00:00
suse
suse
Security update for ruby (critical)
2013-12-05 18:04:15

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.97 High

EPSS

Percentile

99.7%

JSON
Related for DEBIAN:DLA-376-1:93013
nessus56securityvulns11packetstorm13openvas60osv3mageia1centos3seebug13prion1redhat4opera1debiancve1veracode1fedora2threatpost1cve2debian4exploitpack5mozilla1freebsd3oraclelinux2ubuntu2chrome1exploitdb5ubuntucve1hackerone1suse1