The v8 engine uses a common dtoa() implementation to parse strings into floating point numbers. We have applied a patch to fix a recent bug in this component.
Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689

threatpost.com/high-risk-flaw-fixed-google-chrome-100609/

seebug 13

openvas 61

nessus 56

prion 1

securityvulns 11

redhat 4

packetstorm 13

opera 1

debiancve 1

osv 3

mageia 1

centos 3

fedora 2

veracode 1

cve 2

debian 5

exploitpack 5

mozilla 1

freebsd 2

oraclelinux 2

ubuntu 2

chrome 1

exploitdb 5

ubuntucve 1

hackerone 1

suse 1

seebug

多个BSD系统gdtoa/misc.c文件内存破坏漏洞

2009-06-30 00:00:00

Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞

2010-05-25 00:00:00

KDE KDELibs 'dtoa()'远程代码执行漏洞

2009-11-24 00:00:00

openvas

SLES10: Security update for mozilla-nspr

2009-11-11 00:00:00

RedHat Security Advisory RHSA-2009:1601

2009-12-03 00:00:00

CentOS Update for kdelibs CESA-2009:1601 centos4 i386

2011-08-09 00:00:00

nessus

SuSE 11 Security Update : kdelibs4 (SAT Patch Number 1747)

2010-01-12 00:00:00

Debian DSA-1998-1 : kdelibs - buffer overflow

2010-02-24 00:00:00

SuSE 10 Security Update : kdelibs3 (ZYPP Patch Number 6691)

2009-12-08 00:00:00

prion

Heap overflow

2009-07-01 13:00:00

securityvulns

Sun Solaris 10 libc/*convert (*cvt) buffer overflow

2010-05-27 00:00:00

Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)

2009-12-15 00:00:00

Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)

2009-12-15 00:00:00

redhat

(RHSA-2009:1601) Critical: kdelibs security update

2009-11-24 00:00:00

(RHSA-2014:0312) Critical: php security update

2014-03-18 00:00:00

(RHSA-2014:0311) Critical: php security update

2014-03-18 00:00:00

packetstorm

Flock 2.5.2 Remote Array Overrun

2009-12-12 00:00:00

J 6.02.023 Array Overrun

2010-01-09 00:00:00

Matlab R2009b Array Overrun

2010-01-09 00:00:00

opera

Heap buffer overflow in string to number conversion

2009-11-20 00:00:00

debiancve

CVE-2009-0689

2009-07-01 13:00:00

osv

mono - security update

2018-11-01 00:00:00

kdelibs - arbitrary code execution

2010-02-17 00:00:00

mono - security update

2015-12-30 00:00:00

mageia

Updated mono packages fix security vulnerability

2016-01-14 04:44:39

centos

kdelibs security update

2009-11-25 14:52:10

php security update

2014-03-19 01:15:26

seamonkey security update

2009-10-28 13:15:48

fedora

[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23

2015-12-29 22:26:22

[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11

2010-04-21 21:53:31

veracode

Denial Of Service (DoS)

2019-01-15 08:58:49

cve

CVE-2009-0689

2009-07-01 13:00:00

CVE-2009-1563

2009-10-29 14:30:00

debian

[SECURITY] [DLA 376-1] mono security update

2015-12-30 11:29:31

[SECURITY] [DSA 1998-1] New kdelibs packages fix arbitrary code execution

2010-02-17 18:25:18

[Backports-security-announce] Security Update for nsrp

2010-07-21 08:26:53

exploitpack

Sunbird 0.9 - Array Overrun Code Execution

2009-12-11 00:00:00

Opera 10.01 - Remote Array Overrun

2009-11-19 00:00:00

SeaMonkey 1.1.8 - Remote Array Overrun

2009-11-19 00:00:00

mozilla

Heap buffer overflow in string to number conversion — Mozilla

2009-10-27 00:00:00

freebsd

mono -- DoS and code execution

2015-12-19 00:00:00

opera -- multiple vulnerabilities

2009-11-23 00:00:00

oraclelinux

kdelibs security update

2009-11-24 00:00:00

php security update

2014-03-18 00:00:00

ubuntu

KDE vulnerabilities

2009-12-11 00:00:00

Thunderbird vulnerabilities

2010-03-18 00:00:00

chrome

Stable Channel Update

2009-09-30 00:00:00

exploitdb

Sunbird 0.9 - Array Overrun Code Execution

2009-12-11 00:00:00

K-Meleon 1.5.3 - Remote Array Overrun

2009-11-19 00:00:00

SeaMonkey 1.1.8 - Remote Array Overrun

2009-11-19 00:00:00

ubuntucve

CVE-2009-0689

2009-07-01 00:00:00

hackerone

Ruby: Ruby: Heap Overflow in Floating Point Parsing

2013-11-22 00:00:00

suse

Security update for ruby (critical)

2013-12-05 18:04:15

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.97 High

EPSS

Percentile

99.7%

JSON

Related for THREATPOST:DF62052EA2F1372006ACE34D8541F7DB