Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-3389HistoryDec 17, 2009 - 5:30 p.m.
CVE-2009-3389
2009-12-1717:30:00
Debian Security Bug Tracker
security-tracker.debian.org
11
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.075 Low
EPSS
Percentile
94.0%
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 11 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 10 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 999 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 13 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
Related
nessus
nessus
openSUSE Security Update : libtheora (libtheora-2069)
2010-04-09 00:00:00
Mandriva Linux Security Advisory : libtheora (MDVSA-2010:043)
2010-02-22 00:00:00
GLSA-201312-04 : libtheora: Arbitrary code execution
2013-12-03 00:00:00
openvas
openvas
Mandriva Update for pciutils MDVA-2010:043 (pciutils)
2010-01-29 00:00:00
Mandriva Update for pciutils MDVA-2010:043 (pciutils)
2010-01-29 00:00:00
Mandriva Update for libtheora MDVSA-2010:043 (libtheora)
2010-02-22 00:00:00
gentoo
gentoo
libtheora: Arbitrary code execution
2013-12-03 00:00:00
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
ubuntucve
ubuntucve
CVE-2009-3389
2009-12-15 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-67
2009-12-17 00:00:00
Mozilla Firefox multiple security vulnerabilities
2009-12-17 00:00:00
cve
cve
CVE-2009-3389
2009-12-17 17:30:00
prion
prion
Integer overflow
2009-12-17 17:30:00
debian
debian
[SECURITY] [DSA 2045-1] New libtheora packages fix arbitrary code execution
2010-05-11 19:33:02
osv
osv
libtheora - arbitrary code execution
2010-05-11 00:00:00
mozilla
mozilla
Integer overflow, crash in libtheora video library — Mozilla
2009-12-15 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: seamonkey-2.0.1-1.fc12
2009-12-18 04:36:12
[SECURITY] Fedora 11 Update: xulrunner-1.9.1.6-1.fc11
2009-12-18 04:32:41
[SECURITY] Fedora 11 Update: firefox-3.5.6-1.fc11
2009-12-18 04:32:41
ubuntu
ubuntu
Firefox 3.5 and Xulrunner 1.9.1 regression
2010-01-08 00:00:00
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
2009-12-18 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-12-16 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-12-22 15:19:49
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.075 Low
EPSS
Percentile
94.0%
Related for DEBIANCVE:CVE-2009-3389