CVE-2009-0689
Description
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
41.76
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Opera to version 10.10 | Windows |
| Vulnerability CVE-2009-0689,CVE-2009-3372,CVE-2009-3373,CVE-2009-3376 are affected in Mozilla Firefox 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.10 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.11 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.12 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.13 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.14 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.4 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.7 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.8 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.9 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.10 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.11 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.12 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.13 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.14 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.4 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.7 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.8 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.9 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.1 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.10 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.11 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.12 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.13 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.14 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.2 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.3 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.4 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.5 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.6 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.7 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.8 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.0.9 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.5 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.5.1 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.5.2 | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 3.5.3 | Mac |
| Multiple Vulnerabilities are affected in SeaMonkey For Mac 1.1.8 | Mac |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) bytefx-data-mysql-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) ibm-data-db2-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-core-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-firebird-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-oracle-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-postgresql-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-sqlite-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-data-sybase-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-devel-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-extras-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-jscript-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-locale-extras-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-nunit-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-wcf-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-web-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) mono-winforms-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:0257-1(SUSE Linux Enterprise Desktop 11-SP4 ) monodoc-core-2.6.7-0.16.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-core-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-data-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-data-postgresql-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-data-sqlite-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-locale-extras-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-nunit-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-web-2.6.7-0.18.1.x86_64.rpm | Linux |
| SUSE-SU-2016:2958-1(SUSE Linux Enterprise Server 11-SP4 ) mono-winforms-2.6.7-0.18.1.x86_64.rpm | Linux |
| Update Opera to version 10.10 (For Ubuntu) | Linux |
| Update Opera to version 10.10 (For Debian) | Linux |
| Update Opera to version 10.10 (For Centos) | Linux |
| Update Opera to version 10.10 (For RedHat) | Linux |
| Update Opera to version 10.10 (For Suse) | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343015 | Mozilla Firefox (132.0.2) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611088 | SeaMonkey For Mac (2.53.21) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234