Executive Summary

Informations
NameCVE-2009-2905First vendor Publication2009-09-29
VendorCveLast vendor Modification2010-08-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score4.6Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2905

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9664
 
Oval ID: oval:org.mitre.oval:def:9664
Title: Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
Description: Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2905
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8556
 
Oval ID: oval:org.mitre.oval:def:8556
Title: Buffer overflow vulnerability in newt
Description: Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2905
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8285
 
Oval ID: oval:org.mitre.oval:def:8285
Title: DSA-1894 newt -- buffer overflow
Description: Miroslav Lichvar discovered that newt, a windowing toolkit, is prone to a buffer overflow in the content processing code, which can lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1894
CVE-2009-2905
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): newt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13375
 
Oval ID: oval:org.mitre.oval:def:13375
Title: USN-837-1 -- newt vulnerability
Description: Miroslav Lichvar discovered that Newt incorrectly handled rendering in a text box. An attacker could exploit this and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
Family: unix Class: patch
Reference(s): USN-837-1
CVE-2009-2905
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 9.04
Ubuntu 6.06
Ubuntu 8.10
Product(s): newt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13268
 
Oval ID: oval:org.mitre.oval:def:13268
Title: DSA-1894-1 newt -- buffer overflow
Description: Miroslav Lichvar discovered that newt, a windowing toolkit, is prone to a buffer overflow in the content processing code, which can lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 0.52.2-11.3+lenny1. For the oldstable distribution, this problem has been fixed in version 0.52.2-10+etch1. For the testing distribution and the unstable distribution, this problem will be fixed soon. We recommend that you upgrade your newt packages.
Family: unix Class: patch
Reference(s): DSA-1894-1
CVE-2009-2905
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): newt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22865
 
Oval ID: oval:org.mitre.oval:def:22865
Title: ELSA-2009:1463: newt security update (Moderate)
Description: Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
Family: unix Class: patch
Reference(s): ELSA-2009:1463-01
CVE-2009-2905
Version: 6
Platform(s): Oracle Linux 5
Product(s): newt
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3

OpenVAS Exploits

DateDescription
2011-08-09Name : CentOS Update for newt CESA-2009:1463 centos3 i386
File : nvt/gb_CESA-2009_1463_newt_centos3_i386.nasl
2011-08-09Name : CentOS Update for newt CESA-2009:1463 centos4 i386
File : nvt/gb_CESA-2009_1463_newt_centos4_i386.nasl
2011-08-09Name : CentOS Update for newt CESA-2009:1463 centos5 i386
File : nvt/gb_CESA-2009_1463_newt_centos5_i386.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-14 (newt)
File : nvt/glsa_201006_14.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:249-1 (newt)
File : nvt/mdksa_2009_249_1.nasl
2009-10-27Name : SuSE Security Summary SUSE-SR:2009:017
File : nvt/suse_sr_2009_017.nasl
2009-10-06Name : Mandrake Security Advisory MDVSA-2009:249 (newt)
File : nvt/mdksa_2009_249.nasl
2009-09-28Name : CentOS Security Advisory CESA-2009:1463 (newt)
File : nvt/ovcesa2009_1463.nasl
2009-09-28Name : Fedora Core 10 FEDORA-2009-9957 (newt)
File : nvt/fcore_2009_9957.nasl
2009-09-28Name : Fedora Core 11 FEDORA-2009-9961 (newt)
File : nvt/fcore_2009_9961.nasl
2009-09-28Name : RedHat Security Advisory RHSA-2009:1463
File : nvt/RHSA_2009_1463.nasl
2009-09-28Name : Ubuntu USN-837-1 (newt)
File : nvt/ubuntu_837_1.nasl
2009-09-28Name : Debian Security Advisory DSA 1894-1 (newt)
File : nvt/deb_1894_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
58330Newt textbox.c doReflow() Function Overflow

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1463.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090924_newt_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2010-06-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201006-14.nasl - Type : ACT_GATHER_INFO
2010-03-05Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1894.nasl - Type : ACT_GATHER_INFO
2009-10-30Name : The remote openSUSE host is missing a security update.
File : suse_libnewt0_52-6504.nasl - Type : ACT_GATHER_INFO
2009-10-22Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libnewt0_52-090923.nasl - Type : ACT_GATHER_INFO
2009-10-22Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libnewt0_52-090923.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote Fedora host is missing a security update.
File : fedora_2009-9957.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote Fedora host is missing a security update.
File : fedora_2009-9961.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1463.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-249.nasl - Type : ACT_GATHER_INFO
2009-09-25Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-837-1.nasl - Type : ACT_GATHER_INFO
2009-09-25Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1463.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/36515
CONFIRMhttp://security.debian.org/pool/updates/main/n/newt/newt_0.52.2-10+etch1.diff.gz
http://support.avaya.com/css/P8/documents/100067251
https://bugzilla.redhat.com/show_bug.cgi?id=523955
DEBIANhttp://www.debian.org/security/2009/dsa-1894
MLISThttp://lists.vmware.com/pipermail/security-announce/2010/000082.html
REDHAThttps://rhn.redhat.com/errata/RHSA-2009-1463.html
SECUNIAhttp://secunia.com/advisories/37922
http://secunia.com/advisories/38794
http://secunia.com/advisories/38833
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
UBUNTUhttp://www.ubuntu.com/usn/USN-837-1
VUPENhttp://www.vupen.com/english/advisories/2010/0528

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:51:18
  • Multiple Updates
2013-05-10 23:55:53
  • Multiple Updates