CVE - CVE-2009-0689

CVE-ID
CVE-2009-0689	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2010-03-29-1 URL:http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html APPLE:APPLE-SA-2010-06-21-1 URL:http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html BID:35510 URL:http://www.securityfocus.com/bid/35510 BUGTRAQ:20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) URL:http://www.securityfocus.com/archive/1/507977/100/0/threaded BUGTRAQ:20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) URL:http://www.securityfocus.com/archive/1/507979/100/0/threaded BUGTRAQ:20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) URL:http://www.securityfocus.com/archive/1/508423/100/0/threaded BUGTRAQ:20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) URL:http://www.securityfocus.com/archive/1/508417/100/0/threaded CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h CONFIRM:http://support.apple.com/kb/HT4077 CONFIRM:http://support.apple.com/kb/HT4225 CONFIRM:http://www.mozilla.org/security/announce/2009/mfsa2009-59.html CONFIRM:http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c CONFIRM:http://www.opera.com/support/kb/view/942/ CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=516396 CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=516862 MANDRIVA:MDVSA-2009:294 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:294~~ (Obsolete source) MANDRIVA:MDVSA-2009:330 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:330~~ (Obsolete source) MISC:http://secunia.com/secunia_research/2009-35/ MLIST:[debian-lts-announce] 20181101 [SECURITY] [DLA 1564-1] mono security update URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html OVAL:oval:org.mitre.oval:def:6528 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528 OVAL:oval:org.mitre.oval:def:9541 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541 REDHAT:RHSA-2009:1601 URL:http://www.redhat.com/support/errata/RHSA-2009-1601.html REDHAT:RHSA-2010:0153 URL:http://www.redhat.com/support/errata/RHSA-2010-0153.html REDHAT:RHSA-2010:0154 URL:http://www.redhat.com/support/errata/RHSA-2010-0154.html REDHAT:RHSA-2014:0311 URL:http://rhn.redhat.com/errata/RHSA-2014-0311.html REDHAT:RHSA-2014:0312 URL:http://rhn.redhat.com/errata/RHSA-2014-0312.html SECTRACK:1022478 URL:http://securitytracker.com/id?1022478 SECUNIA:37431 URL:http://secunia.com/advisories/37431 SECUNIA:37682 URL:http://secunia.com/advisories/37682 SECUNIA:37683 URL:http://secunia.com/advisories/37683 SECUNIA:38066 URL:http://secunia.com/advisories/38066 SECUNIA:38977 URL:http://secunia.com/advisories/38977 SECUNIA:39001 URL:http://secunia.com/advisories/39001 SREASONRES:20090625 Multiple Vendors libc/gdtoa printf(3) Array Overrun URL:http://securityreason.com/achievement_securityalert/63 SREASONRES:20091030 Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities URL:http://securityreason.com/achievement_securityalert/69 SREASONRES:20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/72 SREASONRES:20091120 Opera 10.01 Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/73 SREASONRES:20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/71 SREASONRES:20091211 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/76 SREASONRES:20091211 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/75 SREASONRES:20091211 Sunbird 0.9 Array Overrun (code execution) URL:http://securityreason.com/achievement_securityalert/77 SREASONRES:20091211 Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution) URL:http://securityreason.com/achievement_securityalert/78 SREASONRES:20100108 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow URL:http://securityreason.com/achievement_securityalert/81 SUNALERT:272909 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1~~ (Obsolete source) SUSE:SUSE-SR:2009:018 URL:http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html SUSE:SUSE-SR:2010:013 URL:http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html UBUNTU:USN-915-1 URL:http://www.ubuntu.com/usn/USN-915-1 VUPEN:ADV-2009-3297 URL:~~http://www.vupen.com/english/advisories/2009/3297~~ (Obsolete source) VUPEN:ADV-2009-3299 URL:~~http://www.vupen.com/english/advisories/2009/3299~~ (Obsolete source) VUPEN:ADV-2009-3334 URL:~~http://www.vupen.com/english/advisories/2009/3334~~ (Obsolete source) VUPEN:ADV-2010-0094 URL:~~http://www.vupen.com/english/advisories/2010/0094~~ (Obsolete source) VUPEN:ADV-2010-0648 URL:~~http://www.vupen.com/english/advisories/2010/0648~~ (Obsolete source) VUPEN:ADV-2010-0650 URL:~~http://www.vupen.com/english/advisories/2010/0650~~ (Obsolete source)
Assigning CNA
CERT/CC
Date Record Created
20090222	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090222)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)