20 matches found
SUSE CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
UBUNTU-CVE-2019-14872
The dtoar function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference...
MATLAB R2009b 'dtoa' Implementation Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37688/info MATLAB is prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the contex...
K-Meleon 1.5.3 - Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
Opera Web Browser 10.01 'dtoa()' Remote Code Execution Vulnerability
Opera Web Browser is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code. Failed attacks may cause denial-of-service conditions. NOTE: This issue is related to BID 35510 Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
MacOS X 10.5/10.6 libc/strtod(3) buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MacOS X 10.5/10.6 libc/strtod3 buffer overflow Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 08.01.2010 CVE: CVE-2009-0689 CWE: CWE-119 Risk: High Remote: Yes Affected Software: - - MacOS 10.6...
MATLAB R2009b - 'dtoa' Implementation Memory Corruption
source: https://www.securityfocus.com/bid/37688/info MATLAB is prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the context of affected applications. MATLAB...
KDELibs 4.3.3 Remote Array Overrun
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE KDELibs 4.3.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 20.11.2009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affected Software: - - KDELibs...
SeaMonkey 1.1.0 Remote Array Overrun
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SeaMonkey 1.1.8 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 20.11.2009 CVE: CVE-2009-0689 Risk: High Remote: Yes Affected Software: - - SeaMonkey...
Heap buffer overflow in string to number conversion – Opera Security Advisories
Passing very long strings through the string to number conversion using JavaScript in Opera may result in heap buffer overflows. This also affects the dtoa routine, and was reported in CVE-2009-0689. In most cases Opera will just freeze or terminate, but in some cases this could lead to a crash...
Heap buffer overflow in string to number conversion
Passing very long strings through the string to number conversion using JavaScript in Opera may result in heap buffer overflows. This also affects the dtoa routine, and was reported in CVE-2009-0689. In most cases Opera will just freeze or terminate, but in some cases this could lead to a crash...
KDE KDELibs 4.3.3 - Remote Array Overrun
KDE KDELibs 4.3.3 - Remote Array Overrun -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE KDELibs 4.3.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 20.11.2009 CVE: CVE-2009-0689 Risk: High...
SecurityReason: Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple BSD printf1 and multiple dtoa/printf3 vulnerabilities Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 29.06.2009 - - Pub.: 30.10.2009 We are going inform all vendors, about this problem Affected Software official: - - OpenB...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
DEBIAN-CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
Heap overflow
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
CVE-2009-0689
CVE-2009-0689 is an array-index error in libc’s dtoa/gdtoa floating-point conversion code (dtoa.c/pdtoa.c and gdtoa/misc.c) that can be triggered by a large precision value passed to printf, causing a denial of service (crash) and potentially arbitrary code execution. Affected platforms include F...
PT-2006-7103 · Mozilla +1 · Firefox +3
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 2.x before 2.0.0.1 Mozilla Firefox versions 1.5.x before 1.5.0.9 Thunderbird versions before 1.5.0.9 SeaMonkey versions before 1.0.7 Description: The js dtoa function overwrites memory instead of exiting when the...