Maksymilian Arciemowicz discovered a buffer overflow in the internal
string routines of the KDE core libraries, which could lead to the
execution of arbitrary code.

For the stable distribution (lenny), this problem has been fixed in
version 4:3.5.10.dfsg.1-0lenny4.

For the unstable distribution (sid), this problem has been fixed in
version 4:3.5.10.dfsg.1-3.

We recommend that you upgrade your kdelibs packages.

CPENameOperatorVersion
kdelibseq4:3.5.10.dfsg.1-0lenny3
kdelibseq4:3.5.10.dfsg.1-0lenny1
kdelibseq4:3.5.10.dfsg.1-0lenny2

Name	Operator	Version
kdelibs	eq	4:3.5.10.dfsg.1-0lenny3
kdelibs	eq	4:3.5.10.dfsg.1-0lenny1
kdelibs	eq	4:3.5.10.dfsg.1-0lenny2

References

www.debian.org/security/2010/dsa-1998

seebug 13

openvas 61

nessus 55

securityvulns 11

prion 1

redhat 4

packetstorm 13

opera 1

debiancve 1

fedora 2

veracode 1

threatpost 1

cve 2

debian 5

osv 2

mageia 1

centos 3

oraclelinux 2

ubuntu 2

chrome 1

exploitpack 5

freebsd 3

mozilla 1

exploitdb 5

ubuntucve 1

hackerone 1

suse 1

seebug

多个BSD系统gdtoa/misc.c文件内存破坏漏洞

2009-06-30 00:00:00

Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞

2010-05-25 00:00:00

KDE KDELibs 'dtoa()'远程代码执行漏洞

2009-11-24 00:00:00

openvas

SLES10: Security update for mozilla-nspr

2009-11-11 00:00:00

RedHat Security Advisory RHSA-2009:1601

2009-12-03 00:00:00

CentOS Update for kdelibs CESA-2009:1601 centos4 i386

2011-08-09 00:00:00

nessus

SuSE 11 Security Update : kdelibs4 (SAT Patch Number 1747)

2010-01-12 00:00:00

openSUSE Security Update : opera (opera-1599)

2009-11-30 00:00:00

FreeBSD : mono -- DoS and code execution (4b3a7e70-afce-11e5-b864-14dae9d210b8)

2016-01-04 00:00:00

securityvulns

Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)

2009-12-15 00:00:00

Sun Solaris 10 libc/*convert (*cvt) buffer overflow

2010-05-27 00:00:00

MacOS X 10.5/10.6 libc/strtod(3) buffer overflow

2010-01-08 00:00:00

prion

Heap overflow

2009-07-01 13:00:00

redhat

(RHSA-2009:1601) Critical: kdelibs security update

2009-11-24 00:00:00

(RHSA-2014:0312) Critical: php security update

2014-03-18 00:00:00

(RHSA-2014:0311) Critical: php security update

2014-03-18 00:00:00

packetstorm

Flock 2.5.2 Remote Array Overrun

2009-12-12 00:00:00

J 6.02.023 Array Overrun

2010-01-09 00:00:00

Matlab R2009b Array Overrun

2010-01-09 00:00:00

opera

Heap buffer overflow in string to number conversion

2009-11-20 00:00:00

debiancve

CVE-2009-0689

2009-07-01 13:00:00

fedora

[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23

2015-12-29 22:26:22

[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11

2010-04-21 21:53:31

veracode

Denial Of Service (DoS)

2019-01-15 08:58:49

threatpost

'High Risk' Flaw Fixed in Google Chrome

2009-10-06 22:32:02

cve

CVE-2009-0689

2009-07-01 13:00:00

CVE-2009-1563

2009-10-29 14:30:00

debian

[SECURITY] [DLA 376-1] mono security update

2015-12-30 11:29:31

[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution

2010-02-17 18:25:18

[Backports-security-announce] Security Update for nsrp

2010-07-21 08:26:53

osv

mono - security update

2018-11-01 00:00:00

mono - security update

2015-12-30 00:00:00

mageia

Updated mono packages fix security vulnerability

2016-01-14 04:44:39

centos

kdelibs security update

2009-11-25 14:52:10

php security update

2014-03-19 01:15:26

seamonkey security update

2009-10-28 13:15:48

oraclelinux

kdelibs security update

2009-11-24 00:00:00

php security update

2014-03-18 00:00:00

ubuntu

KDE vulnerabilities

2009-12-11 00:00:00

Thunderbird vulnerabilities

2010-03-18 00:00:00

chrome

Stable Channel Update

2009-09-30 00:00:00

exploitpack

Sunbird 0.9 - Array Overrun Code Execution

2009-12-11 00:00:00

SeaMonkey 1.1.8 - Remote Array Overrun

2009-11-19 00:00:00

KDE KDELibs 4.3.3 - Remote Array Overrun

2009-11-19 00:00:00

freebsd

mono -- DoS and code execution

2015-12-19 00:00:00

opera -- multiple vulnerabilities

2009-11-23 00:00:00

mozilla -- multiple vulnerabilities

2010-03-16 00:00:00

mozilla

Heap buffer overflow in string to number conversion — Mozilla

2009-10-27 00:00:00

exploitdb

Sunbird 0.9 - Array Overrun Code Execution

2009-12-11 00:00:00

K-Meleon 1.5.3 - Remote Array Overrun

2009-11-19 00:00:00

Opera 10.01 - Remote Array Overrun

2009-11-19 00:00:00

ubuntucve

CVE-2009-0689

2009-07-01 00:00:00

hackerone

Ruby: Ruby: Heap Overflow in Floating Point Parsing

2013-11-22 00:00:00

suse

Security update for ruby (critical)

2013-12-05 18:04:15

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Related for OSV:DSA-1998-1