Executive Summary

Informations
NameCVE-2009-0689First vendor Publication2009-07-01
VendorCveLast vendor Modification2014-03-25

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides unauthorized access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-42MIME Conversion
CAPEC-44Overflow Binary Resource File
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-100Overflow Buffers

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9541
 
Oval ID: oval:org.mitre.oval:def:9541
Title: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0689
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6826
 
Oval ID: oval:org.mitre.oval:def:6826
Title: DSA-1998 kdelibs -- buffer overflow
Description: Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1998
CVE-2009-0689
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6528
 
Oval ID: oval:org.mitre.oval:def:6528
Title: Mozilla Firefox Floating Point Memory Allocation Vulnerability
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0689
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13490
 
Oval ID: oval:org.mitre.oval:def:13490
Title: USN-871-1 -- kdelibs vulnerability
Description: A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites.
Family: unix Class: patch
Reference(s): USN-871-1
CVE-2009-0689
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.10
Ubuntu 9.04
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12913
 
Oval ID: oval:org.mitre.oval:def:12913
Title: DSA-1998-1 kdelibs -- buffer overflow
Description: Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-0lenny4. For the unstable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-3. We recommend that you upgrade your kdelibs packages.
Family: unix Class: patch
Reference(s): DSA-1998-1
CVE-2009-0689
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22669
 
Oval ID: oval:org.mitre.oval:def:22669
Title: ELSA-2009:1601: kdelibs security update (Critical)
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: patch
Reference(s): ELSA-2009:1601-01
CVE-2009-0689
Version: 6
Platform(s): Oracle Linux 5
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24079
 
Oval ID: oval:org.mitre.oval:def:24079
Title: RHSA-2014:0311: php security update (Critical)
Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2009-0689) It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0311-00
CESA-2014:0311
CVE-2006-7243
CVE-2009-0689
Version: 11
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23947
 
Oval ID: oval:org.mitre.oval:def:23947
Title: ELSA-2014:0311: php security update (Critical)
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: patch
Reference(s): ELSA-2014:0311-00
CVE-2006-7243
CVE-2009-0689
Version: 7
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25660
 
Oval ID: oval:org.mitre.oval:def:25660
Title: SUSE-SU-2013:1828-1 -- Security update for ruby
Description: The following security issue has been fixed: * CVE-2013-4164: heap overflow in float point parsing
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1828-1
CVE-2013-4164
CVE-2009-0689
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): ruby
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application18
Application1
Os10
Os1
Os1

ExploitDB Exploits

idDescription
2009-12-11Sunbird 0.9 Array Overrun (code execution) 0day
2009-11-19Opera 10.01 Remote Array Overrun
2009-11-19K-Meleon 1.5.3 Remote Array Overrun
2009-11-19SeaMonkey 1.1.8 Remote Array Overrun
2009-11-19KDE KDELibs 4.3.3 Remote Array Overrun

OpenVAS Exploits

DateDescription
2011-08-09Name : CentOS Update for kdelibs CESA-2009:1601 centos4 i386
File : nvt/gb_CESA-2009_1601_kdelibs_centos4_i386.nasl
2011-08-09Name : CentOS Update for kdelibs CESA-2009:1601 centos5 i386
File : nvt/gb_CESA-2009_1601_kdelibs_centos5_i386.nasl
2011-08-09Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386
File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl
2011-08-09Name : CentOS Update for firefox CESA-2009:1530 centos4 i386
File : nvt/gb_CESA-2009_1530_firefox_centos4_i386.nasl
2011-08-09Name : CentOS Update for seamonkey CESA-2009:1531 centos3 i386
File : nvt/gb_CESA-2009_1531_seamonkey_centos3_i386.nasl
2011-08-09Name : CentOS Update for seamonkey CESA-2009:1531 centos4 i386
File : nvt/gb_CESA-2009_1531_seamonkey_centos4_i386.nasl
2010-05-12Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-04-29Name : Fedora Update for seamonkey FEDORA-2010-7100
File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl
2010-04-16Name : Mandriva Update for krb5 MDVSA-2010:071 (krb5)
File : nvt/gb_mandriva_MDVSA_2010_071.nasl
2010-03-30Name : FreeBSD Ports: seamonkey, linux-seamonkey
File : nvt/freebsd_seamonkey.nasl
2010-03-22Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386
File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl
2010-03-22Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1
File : nvt/gb_ubuntu_USN_915_1.nasl
2010-03-22Name : RedHat Update for thunderbird RHSA-2010:0154-02
File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl
2010-02-25Name : Debian Security Advisory DSA 1998-1 (kdelibs)
File : nvt/deb_1998_1.nasl
2010-01-29Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2010_027.nasl
2010-01-29Name : Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2010_028.nasl
2009-12-14Name : SLES11: Security update for kdelibs3
File : nvt/sles11_kdelibs3.nasl
2009-12-14Name : Mandriva Security Advisory MDVSA-2009:330 (kdelibs)
File : nvt/mdksa_2009_330.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:290-1 (firefox)
File : nvt/mdksa_2009_290_1.nasl
2009-12-10Name : FreeBSD Ports: opera
File : nvt/freebsd_opera19.nasl
2009-12-03Name : RedHat Security Advisory RHSA-2009:1601
File : nvt/RHSA_2009_1601.nasl
2009-11-23Name : Ubuntu USN-853-1 (xulrunner-1.9.1)
File : nvt/ubuntu_853_1.nasl
2009-11-11Name : SLES10: Security update for Mozilla Firefox
File : nvt/sles10_MozillaFirefox7.nasl
2009-11-11Name : SLES11: Security update for Mozilla Firefox
File : nvt/sles11_MozillaFirefox7.nasl
2009-11-11Name : Mandriva Security Advisory MDVSA-2009:290 (firefox)
File : nvt/mdksa_2009_290.nasl
2009-11-11Name : CentOS Security Advisory CESA-2009:1530 (firefox)
File : nvt/ovcesa2009_1530.nasl
2009-11-11Name : CentOS Security Advisory CESA-2009:1531 (seamonkey)
File : nvt/ovcesa2009_1531.nasl
2009-11-11Name : Fedora Core 11 FEDORA-2009-10878 (chmsee)
File : nvt/fcore_2009_10878.nasl
2009-11-11Name : SLES11: Security update for Mozilla
File : nvt/sles11_mozilla-nspr.nasl
2009-11-11Name : Fedora Core 10 FEDORA-2009-10981 (blam)
File : nvt/fcore_2009_10981.nasl
2009-11-11Name : SLES11: Security update for Mozilla XULRunner
File : nvt/sles11_mozilla-xulrunn1.nasl
2009-11-11Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox42.nasl
2009-11-11Name : SLES10: Security update for mozilla-nspr
File : nvt/sles10_mozilla-nspr0.nasl
2009-11-11Name : SLES10: Security update for Mozilla XULRunner
File : nvt/sles10_mozilla-xulrunn0.nasl
2009-11-11Name : SuSE Security Advisory SUSE-SA:2009:052 (MozillaFirefox)
File : nvt/suse_sa_2009_052.nasl
2009-11-11Name : RedHat Security Advisory RHSA-2009:1530
File : nvt/RHSA_2009_1530.nasl
2009-11-11Name : RedHat Security Advisory RHSA-2009:1531
File : nvt/RHSA_2009_1531.nasl
2009-11-11Name : SuSE Security Summary SUSE-SR:2009:018
File : nvt/suse_sr_2009_018.nasl
2009-11-11Name : Debian Security Advisory DSA 1931-1 (nspr)
File : nvt/deb_1931_1.nasl
2009-11-02Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Linux)
File : nvt/gb_firefox_mult_vuln_nov09_lin.nasl
2009-11-02Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Win)
File : nvt/gb_firefox_mult_vuln_nov09_win.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
63646J Programming Language libc dtoa Implementation Floating Point Parsing Memory...
63641Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption
63639Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption
62402K-Meleon libc dtoa Implementation Floating Point Parsing Memory Corruption
61189Mozilla Sunbird libc dtoa Implementation Floating Point Parsing Memory Corrup...
61188Flock Browser libc dtoa Implementation Floating Point Parsing Memory Corruption
61187KDE kdelibs libc dtoa Implementation Floating Point Parsing Memory Corruption
61186Opera libc dtoa Implementation Floating Point Parsing Memory Corruption
61091Mozilla Multiple Products libc dtoa Implementation Floating Point Parsing Mem...
55603libc gdtoa/misc.c dtoa() Implementation printf Function Array Overflow

Snort® IPS/IDS

DateDescription
2014-01-10Mozilla products floating point buffer overflow attempt
RuleID : 21155 - Revision : 5 - Type : BROWSER-FIREFOX
2014-01-10Mozilla products floating point buffer overflow attempt
RuleID : 21154 - Revision : 4 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

DateDescription
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0312.nasl - Type : ACT_GATHER_INFO
2014-03-20Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-19Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2013-12-05Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ruby-131125.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2013-06-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2013-01-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091027_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091027_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091124_kdelibs_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdelibs3-6692.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-nspr-6631.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6617.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6609.nasl - Type : ACT_GATHER_INFO
2010-07-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-294.nasl - Type : ACT_GATHER_INFO
2010-07-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO
2010-07-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-028.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO
2010-05-20Name : The remote openSUSE host is missing a security update.
File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO
2010-05-20Name : The remote openSUSE host is missing a security update.
File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO
2010-05-20Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12616.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-04-14Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO
2010-03-30Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO
2010-03-30Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO
2010-03-29Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2010-03-29Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO
2010-03-29Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO
2010-03-22Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO
2010-03-19Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-03-19Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO
2010-03-19Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO
2010-03-19Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1931.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1998.nasl - Type : ACT_GATHER_INFO
2010-01-12Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kdelibs4-100107.nasl - Type : ACT_GATHER_INFO
2010-01-08Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO
2009-12-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-346.nasl - Type : ACT_GATHER_INFO
2009-12-22Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12563.nasl - Type : ACT_GATHER_INFO
2009-12-11Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-871-1.nasl - Type : ACT_GATHER_INFO
2009-12-11Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-871-2.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kdelibs3-091204.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdelibs3-6691.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-08Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-04Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-290.nasl - Type : ACT_GATHER_INFO
2009-12-02Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6431c4dbdeb411de90780030843d3802.nasl - Type : ACT_GATHER_INFO
2009-11-30Name : The remote openSUSE host is missing a security update.
File : suse_11_1_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30Name : The remote openSUSE host is missing a security update.
File : suse_11_0_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30Name : The remote openSUSE host is missing a security update.
File : suse_11_2_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-25Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2009-11-25Name : The remote host contains a web browser that is affected by multiple issues.
File : opera_1010.nasl - Type : ACT_GATHER_INFO
2009-11-12Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-853-2.nasl - Type : ACT_GATHER_INFO
2009-11-09Name : The remote openSUSE host is missing a security update.
File : suse_11_1_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO
2009-11-09Name : The remote openSUSE host is missing a security update.
File : suse_11_0_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO
2009-11-09Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-nspr-091103.nasl - Type : ACT_GATHER_INFO
2009-11-09Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-nspr-6630.nasl - Type : ACT_GATHER_INFO
2009-11-05Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-10981.nasl - Type : ACT_GATHER_INFO
2009-11-05Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-091102.nasl - Type : ACT_GATHER_INFO
2009-11-05Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-091103.nasl - Type : ACT_GATHER_INFO
2009-11-04Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-xulrunner190-091030.nasl - Type : ACT_GATHER_INFO
2009-11-04Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-091030.nasl - Type : ACT_GATHER_INFO
2009-11-04Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6616.nasl - Type : ACT_GATHER_INFO
2009-11-04Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6606.nasl - Type : ACT_GATHER_INFO
2009-11-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-853-1.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c87aa2d2c3c411deab08000f20797ede.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-10878.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_354.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2009-10-29Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3015.nasl - Type : ACT_GATHER_INFO
2009-10-28Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2009-10-28Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2009-10-01Name : The remote host contains a web browser that is affected by a buffer overflow ...
File : google_chrome_3_0_195_24.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
BIDhttp://www.securityfocus.com/bid/35510
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/507977/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/507979/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/508417/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/508423/100/0/threaded
CONFIRMhttp://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h
http://support.apple.com/kb/HT4077
http://support.apple.com/kb/HT4225
http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c
http://www.opera.com/support/kb/view/942/
https://bugzilla.mozilla.org/show_bug.cgi?id=516396
https://bugzilla.mozilla.org/show_bug.cgi?id=516862
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
MISChttp://secunia.com/secunia_research/2009-35/
REDHAThttp://rhn.redhat.com/errata/RHSA-2014-0311.html
http://rhn.redhat.com/errata/RHSA-2014-0312.html
http://www.redhat.com/support/errata/RHSA-2009-1601.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
SECTRACKhttp://securitytracker.com/id?1022478
SECUNIAhttp://secunia.com/advisories/37431
http://secunia.com/advisories/37682
http://secunia.com/advisories/37683
http://secunia.com/advisories/38066
http://secunia.com/advisories/38977
http://secunia.com/advisories/39001
SREASONREShttp://securityreason.com/achievement_securityalert/63
http://securityreason.com/achievement_securityalert/69
http://securityreason.com/achievement_securityalert/71
http://securityreason.com/achievement_securityalert/72
http://securityreason.com/achievement_securityalert/73
http://securityreason.com/achievement_securityalert/75
http://securityreason.com/achievement_securityalert/76
http://securityreason.com/achievement_securityalert/77
http://securityreason.com/achievement_securityalert/78
http://securityreason.com/achievement_securityalert/81
SUNALERThttp://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
UBUNTUhttp://www.ubuntu.com/usn/USN-915-1
VUPENhttp://www.vupen.com/english/advisories/2009/3297
http://www.vupen.com/english/advisories/2009/3299
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0094
http://www.vupen.com/english/advisories/2010/0648
http://www.vupen.com/english/advisories/2010/0650

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2014-11-08 13:29:44
  • Multiple Updates
2014-03-26 13:21:50
  • Multiple Updates
2014-03-21 13:21:25
  • Multiple Updates
2014-03-20 13:21:37
  • Multiple Updates
2014-02-17 10:48:58
  • Multiple Updates
2014-01-19 21:25:43
  • Multiple Updates
2013-05-10 23:45:04
  • Multiple Updates