Lucene search
RedHatRHSA-2009:1601HistoryNov 24, 2009 - 12:00 a.m.
(RHSA-2009:1601) Critical: kdelibs security update
2009-11-2400:00:00
access.redhat.com
21
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.97 High
EPSS
Percentile
99.7%
The kdelibs packages provide libraries for the K Desktop Environment (KDE).
A buffer overflow flaw was found in the kdelibs string to floating point
conversion routines. A web page containing malicious JavaScript could crash
Konqueror or, potentially, execute arbitrary code with the privileges of the
user running Konqueror. (CVE-2009-0689)
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | ppc64 | kdelibs | < 3.5.4-25.el5_4.1 | kdelibs-3.5.4-25.el5_4.1.ppc64.rpm |
| RedHat | 5 | i386 | kdelibs | < 3.5.4-25.el5_4.1 | kdelibs-3.5.4-25.el5_4.1.i386.rpm |
| RedHat | 5 | src | kdelibs | < 3.5.4-25.el5_4.1 | kdelibs-3.5.4-25.el5_4.1.src.rpm |
| RedHat | 5 | ia64 | kdelibs-devel | < 3.5.4-25.el5_4.1 | kdelibs-devel-3.5.4-25.el5_4.1.ia64.rpm |
| RedHat | 4 | ia64 | kdelibs | < 3.3.1-17.el4_8.1 | kdelibs-3.3.1-17.el4_8.1.ia64.rpm |
| RedHat | 5 | ppc | kdelibs-devel | < 3.5.4-25.el5_4.1 | kdelibs-devel-3.5.4-25.el5_4.1.ppc.rpm |
| RedHat | 5 | x86_64 | kdelibs-devel | < 3.5.4-25.el5_4.1 | kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm |
| RedHat | 5 | x86_64 | kdelibs-apidocs | < 3.5.4-25.el5_4.1 | kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm |
| RedHat | 5 | i386 | kdelibs-apidocs | < 3.5.4-25.el5_4.1 | kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm |
| RedHat | 5 | ppc | kdelibs-apidocs | < 3.5.4-25.el5_4.1 | kdelibs-apidocs-3.5.4-25.el5_4.1.ppc.rpm |
Related
seebug
seebug
多个BSD系统gdtoa/misc.c文件内存破坏漏洞
2009-06-30 00:00:00
Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞
2010-05-25 00:00:00
KDE KDELibs 'dtoa()'远程代码执行漏洞
2009-11-24 00:00:00
openvas
openvas
SLES10: Security update for mozilla-nspr
2009-11-11 00:00:00
RedHat Security Advisory RHSA-2009:1601
2009-12-03 00:00:00
CentOS Update for kdelibs CESA-2009:1601 centos4 i386
2011-08-09 00:00:00
nessus
nessus
SuSE 11 Security Update : kdelibs4 (SAT Patch Number 1747)
2010-01-12 00:00:00
Debian DSA-1998-1 : kdelibs - buffer overflow
2010-02-24 00:00:00
SuSE 10 Security Update : kdelibs3 (ZYPP Patch Number 6691)
2009-12-08 00:00:00
prion
prion
Heap overflow
2009-07-01 13:00:00
securityvulns
securityvulns
Sun Solaris 10 libc/*convert (*cvt) buffer overflow
2010-05-27 00:00:00
Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)
2009-12-15 00:00:00
Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)
2009-12-15 00:00:00
packetstorm
packetstorm
Flock 2.5.2 Remote Array Overrun
2009-12-12 00:00:00
J 6.02.023 Array Overrun
2010-01-09 00:00:00
Matlab R2009b Array Overrun
2010-01-09 00:00:00
opera
opera
Heap buffer overflow in string to number conversion
2009-11-20 00:00:00
debiancve
debiancve
CVE-2009-0689
2009-07-01 13:00:00
osv
osv
mono - security update
2018-11-01 00:00:00
mono - security update
2015-12-30 00:00:00
kdelibs - arbitrary code execution
2010-02-17 00:00:00
mageia
mageia
Updated mono packages fix security vulnerability
2016-01-14 04:44:39
centos
centos
kdelibs security update
2009-11-25 14:52:10
php security update
2014-03-19 01:15:26
seamonkey security update
2009-10-28 13:15:48
fedora
fedora
[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23
2015-12-29 22:26:22
[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11
2010-04-21 21:53:31
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:58:49
threatpost
threatpost
'High Risk' Flaw Fixed in Google Chrome
2009-10-06 22:32:02
cve
cve
CVE-2009-0689
2009-07-01 13:00:00
CVE-2009-1563
2009-10-29 14:30:00
debian
debian
[SECURITY] [DLA 376-1] mono security update
2015-12-30 11:29:31
[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution
2010-02-17 18:25:18
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:26:53
oraclelinux
oraclelinux
kdelibs security update
2009-11-24 00:00:00
php security update
2014-03-18 00:00:00
redhat
redhat
(RHSA-2014:0312) Critical: php security update
2014-03-18 00:00:00
(RHSA-2014:0311) Critical: php security update
2014-03-18 00:00:00
(RHSA-2009:1531) Critical: seamonkey security update
2009-10-27 00:00:00
chrome
chrome
Stable Channel Update
2009-09-30 00:00:00
ubuntu
ubuntu
KDE vulnerabilities
2009-12-11 00:00:00
Thunderbird vulnerabilities
2010-03-18 00:00:00
exploitpack
exploitpack
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
Opera 10.01 - Remote Array Overrun
2009-11-19 00:00:00
SeaMonkey 1.1.8 - Remote Array Overrun
2009-11-19 00:00:00
freebsd
freebsd
mono -- DoS and code execution
2015-12-19 00:00:00
opera -- multiple vulnerabilities
2009-11-23 00:00:00
mozilla -- multiple vulnerabilities
2010-03-16 00:00:00
mozilla
mozilla
Heap buffer overflow in string to number conversion — Mozilla
2009-10-27 00:00:00
exploitdb
exploitdb
Sunbird 0.9 - Array Overrun Code Execution
2009-12-11 00:00:00
K-Meleon 1.5.3 - Remote Array Overrun
2009-11-19 00:00:00
Opera 10.01 - Remote Array Overrun
2009-11-19 00:00:00
ubuntucve
ubuntucve
CVE-2009-0689
2009-07-01 00:00:00
hackerone
hackerone
Ruby: Ruby: Heap Overflow in Floating Point Parsing
2013-11-22 00:00:00
suse
suse
Security update for ruby (critical)
2013-12-05 18:04:15
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.97 High
EPSS
Percentile
99.7%
Related for RHSA-2009:1601