CVE-2009-0689

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

Heap overflow

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVE-2009-0689

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVE-2009-0689

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVE-2009-0689

CVE-2009-0689 is an array-index error in libc’s dtoa/gdtoa floating-point conversion code (dtoa.c/pdtoa.c and gdtoa/misc.c) that can be triggered by a large precision value passed to printf, causing a denial of service (crash) and potentially arbitrary code execution. Affected platforms include F...

CVE-2009-0689

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

Solaris Update for libc 112874-45

Check for the Version of libc OpenVAS Vulnerability Test Solaris Update for libc 112874-45 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Solaris Update for libc 114432-34

Check for the Version of libc OpenVAS Vulnerability Test Solaris Update for libc 114432-34 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Solaris Update for libc 112874-45

Check for the Version of libc OpenVAS Vulnerability Test Solaris Update for libc 112874-45 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Solaris Update for libc 114432-34

Check for the Version of libc OpenVAS Vulnerability Test Solaris Update for libc 114432-34 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

CVE-2009-1786

CVE-2009-1786 affects IBM AIX 5.3 and 6.1. The vulnerability resides in the libc malloc subsystem where the MALLOCDEBUG log file can be attacked via a symlink, enabling local users to create or overwrite arbitrary files. Multiple connected sources confirm local privilege implications and public P...

IBM AIX symbolic links vulnerability

Symbolic links vulnerability in libc dynamic memory debugging functionality...

FreeBSD Security Advisory (FreeBSD-SA-09:07.libc.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:07.libc.asc ADV FreeBSD-SA-09:07.libc.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:07.libc.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

FreeBSD Security Advisory (FreeBSD-SA-09:07.libc.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:07.libc.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2009-1436

The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file...

CVE-2009-1436

The CVE-2009-1436 entry concerns the FreeBSD libc db interface (Berkeley DB 1.85) where memory was not properly initialized, enabling local attackers to read sensitive information from Berkeley DB database files. Affected are FreeBSD releases 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE. The root cause...

FreeBSD libc Berkley DB接口未初始化内存本地信息泄露漏洞

BUGTRAQ ID: 34666 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD的C库（libc）包含有用于创建和访问Berkeley DB 1.85数据库文件的代码。由于Berkeley DB向数据库文件中写入了从malloc3获得的未初始化内存，使用db3接口创建Berkeley数据库文件的程序可能向数据库文件泄露敏感信息。如果其他用户可以读取这些文件，就会导致泄漏敏感信息，如登录凭据。 FreeBSD FreeBSD 7.1 FreeBSD FreeBSD 7.0 FreeBSD FreeBSD 6.4 FreeBSD...

Solaris 9 (x86) : 113988-07

SunOS 5.9x86: libc Patch. Date this patch was last updated by Sun : Jan/26/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

FreeBSD libc Berkley DB接口未初始化内存本地信息泄漏漏洞

BUGTRAQ ID: 34666 CNCAN ID：CNCAN-2009042302 FreeBSD是一款开放源代码的BSD操作系统。 FreeBSD libc Berkeley DB接口写malloc3中获得的未初始化内存到数据库文件，本地攻击者可以利用漏洞获得敏感信息。 FreeBSD FreeBSD 7.1-STABLE FreeBSD FreeBSD 7.1-RELEASE-p4 FreeBSD FreeBSD 7.1 -RELEASE-p2 FreeBSD FreeBSD 7.1 -RELEASE-p1 FreeBSD FreeBSD 7.1 -PRE-RELEASE...

FreeBSD-SA-09:07.libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:07.libc Security Advisory The FreeBSD Project Topic: Information leak in db3 Category: core Module: libc Announced: 2009-04-22 Credits: Jaakko Heinonen, Xin LI...