17 matches found
MiracleLinux 3 : kdelibs-3.5.5-11.25AXS3 (AXSA:2009-427:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-427:02 advisory. KDE Libraries include: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling...
SUSE CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:028)
Multiple vulnerabilities was discovered and corrected in kdelibs4 : KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary...
Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)
Multiple vulnerabilities was discovered and corrected in kdelibs4 : KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '' NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...
array index error in dtoa implementation of many products
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:027 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:027 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4)
Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:028 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4)
Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:028 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
BSD-based systems (FreeBSD, NetBSD, OpenBSD) index array overflow
Index array overflow in libc gdtoa function used by printf...
K-Meleon 1.5.3 - Remote Array Overrun
K-Meleon 1.5.3 - Remote Array Overrun From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
DEBIAN-CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
Heap overflow
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
CVE-2009-0689
CVE-2009-0689 is an array-index error in libc’s dtoa/gdtoa floating-point conversion code (dtoa.c/pdtoa.c and gdtoa/misc.c) that can be triggered by a large precision value passed to printf, causing a denial of service (crash) and potentially arbitrary code execution. Affected platforms include F...
CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
多个BSD系统gdtoa/misc.c文件内存破坏漏洞
BUGTRAQ ID: 35510 CVECAN ID: CVE-2009-0689 OpenBSD、NetBSD、FreeBSD都是流行的BSD操作系统,是Unix的衍生系统。 OpenBSD、NetBSD、FreeBSD的dtoa实现中存在数组溢出漏洞。在src/lib/libc/gdtoa/gdtoaimp.h中: - ---gdtoaimp.h--- ... define Kmax 15 ... - ---gdtoaimp.h--- 最大的Kmax长度为15,如果提供了更大的值(如17),程序就会溢出freelist数组,bss为0x1。 以NetBSD为例: -...