Lucene search
Gentoo FoundationGLSA-200903-13HistoryMar 09, 2009 - 12:00 a.m.
MPFR: Denial of service
2009-03-0900:00:00
Gentoo Foundation
security.gentoo.org
7
0.008 Low
EPSS
Percentile
82.1%
Background
MPFR is a library for multiple-precision floating-point computations with exact rounding.
Description
Multiple buffer overflows have been reported in the mpfr_snprintf() and mpfr_vsnprintf() functions.
Impact
A remote user could exploit the vulnerability to cause a Denial of Service in an application using MPFR via unknown vectors.
Workaround
There is no known workaround at this time.
Resolution
All MPRF users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/mpfr-2.4.1"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | dev-libs/mpfr | < 2.4.1 | UNKNOWN |
Related
prion
prion
Buffer overflow
2009-03-03 16:30:00
cvelist
cvelist
CVE-2009-0757
2009-03-03 16:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200903-13 (mpfr)
2009-03-13 00:00:00
Gentoo Security Advisory GLSA 200903-13 (mpfr)
2009-03-13 00:00:00
Ubuntu: Security Advisory (USN-772-1)
2009-06-05 00:00:00
nessus
nessus
GLSA-200903-13 : MPFR: Denial of Service
2009-03-10 00:00:00
Ubuntu 9.04 : mpfr vulnerability (USN-772-1)
2009-05-08 00:00:00
securityvulns
securityvulns
[ GLSA 200903-13 ] MPFR: Denial of Service
2009-03-09 00:00:00
MPFR library buffer overflow
2009-03-09 00:00:00
ubuntucve
ubuntucve
CVE-2009-0757
2009-03-03 00:00:00
cve
cve
CVE-2009-0757
2009-03-03 16:30:00
ubuntu
ubuntu
MPFR vulnerability
2009-05-07 00:00:00