Vulnerability Database

CVE-2009-0689

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

  • Published: Jul 1, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-0689
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

| Software | From | Fixed in |
|---|---|---|
| freebsd / freebsd | 6.4-release_p2 | 6.4-release_p2.x |
| mozilla / firefox | 3.5.3 | 3.5.3.x |
| mozilla / seamonkey | 1.1.8 | 1.1.8.x |
| mozilla / firefox | 3.0.7 | 3.0.7.x |
| freebsd / freebsd | 6.4 | 6.4.x |
| mozilla / firefox | 3.0.9 | 3.0.9.x |
| freebsd / freebsd | 6.4-release_p5 | 6.4-release_p5.x |
| netbsd / netbsd | 5.0 | 5.0.x |
| mozilla / firefox | 3.0.8 | 3.0.8.x |
| mozilla / firefox | 3.5 | 3.5.x |
| mozilla / firefox | 3.0.4 | 3.0.4.x |
| k-meleon_project / k-meleon | 1.5.3 | 1.5.3.x |
| freebsd / freebsd | 6.4-release | 6.4-release.x |
| mozilla / firefox | 3.0.5 | 3.0.5.x |
| mozilla / firefox | 3.5.1 | 3.5.1.x |
| mozilla / firefox | 3.0.14 | 3.0.14.x |
| mozilla / firefox | 3.5.2 | 3.5.2.x |
| mozilla / firefox | 3.0.10 | 3.0.10.x |
| freebsd / freebsd | 6.4-stable | 6.4-stable.x |
| freebsd / freebsd | 6.4-release_p4 | 6.4-release_p4.x |
| mozilla / firefox | 3.0.12 | 3.0.12.x |
| mozilla / firefox | 3.0.3 | 3.0.3.x |
| mozilla / firefox | 3.0.6 | 3.0.6.x |
| openbsd / openbsd | 4.5 | 4.5.x |
| mozilla / firefox | 3.0.1 | 3.0.1.x |
| freebsd / freebsd | 7.2-pre-release | 7.2-pre-release.x |
| freebsd / freebsd | 7.2 | 7.2.x |
| mozilla / firefox | 3.0.2 | 3.0.2.x |
| freebsd / freebsd | 6.4-release_p3 | 6.4-release_p3.x |
| mozilla / firefox | 3.0.13 | 3.0.13.x |
| freebsd / freebsd | 7.2-stable | 7.2-stable.x |
| mozilla / firefox | 3.0.11 | 3.0.11.x |