Executive Summary

Informations
Name CVE-2009-0689 First vendor Publication 2009-07-01
Vendor Cve Last vendor Modification 2018-11-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12913
 
Oval ID: oval:org.mitre.oval:def:12913
Title: DSA-1998-1 kdelibs -- buffer overflow
Description: Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-0lenny4. For the unstable distribution, this problem has been fixed in version 4:3.5.10.dfsg.1-3. We recommend that you upgrade your kdelibs packages.
Family: unix Class: patch
Reference(s): DSA-1998-1
CVE-2009-0689
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13490
 
Oval ID: oval:org.mitre.oval:def:13490
Title: USN-871-1 -- kdelibs vulnerability
Description: A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that the KDE libraries could use KHTML to process an unknown MIME type. If a user or application linked against kdelibs were tricked into opening a crafted file, an attacker could potentially trigger XMLHTTPRequests to remote sites.
Family: unix Class: patch
Reference(s): USN-871-1
CVE-2009-0689
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.10
Ubuntu 9.04
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22669
 
Oval ID: oval:org.mitre.oval:def:22669
Title: ELSA-2009:1601: kdelibs security update (Critical)
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: patch
Reference(s): ELSA-2009:1601-01
CVE-2009-0689
Version: 6
Platform(s): Oracle Linux 5
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23947
 
Oval ID: oval:org.mitre.oval:def:23947
Title: ELSA-2014:0311: php security update (Critical)
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: patch
Reference(s): ELSA-2014:0311-00
CVE-2006-7243
CVE-2009-0689
Version: 7
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24079
 
Oval ID: oval:org.mitre.oval:def:24079
Title: RHSA-2014:0311: php security update (Critical)
Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2009-0689) It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0311-00
CESA-2014:0311
CVE-2006-7243
CVE-2009-0689
Version: 11
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25660
 
Oval ID: oval:org.mitre.oval:def:25660
Title: SUSE-SU-2013:1828-1 -- Security update for ruby
Description: The following security issue has been fixed: * CVE-2013-4164: heap overflow in float point parsing
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1828-1
CVE-2013-4164
CVE-2009-0689
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): ruby
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29365
 
Oval ID: oval:org.mitre.oval:def:29365
Title: RHSA-2009:1601 -- kdelibs security update (Critical)
Description: Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment (KDE). A buffer overflow flaw was found in the kdelibs string to floating point conversion routines. A web page containing malicious JavaScript could crash Konqueror or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-0689)
Family: unix Class: patch
Reference(s): RHSA-2009:1601
CESA-2009:1601-CentOS 5
CVE-2009-0689
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6528
 
Oval ID: oval:org.mitre.oval:def:6528
Title: Mozilla Firefox Floating Point Memory Allocation Vulnerability
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0689
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6826
 
Oval ID: oval:org.mitre.oval:def:6826
Title: DSA-1998 kdelibs -- buffer overflow
Description: Maksymilian Arciemowicz discovered a buffer overflow in the internal string routines of the KDE core libraries, which could lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1998
CVE-2009-0689
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s): kdelibs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9541
 
Oval ID: oval:org.mitre.oval:def:9541
Title: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Description: Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0689
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 18
Application 1
Os 10
Os 1
Os 1

ExploitDB Exploits

id Description
2009-12-11 Sunbird 0.9 Array Overrun (code execution) 0day
2009-11-19 Opera 10.01 Remote Array Overrun
2009-11-19 K-Meleon 1.5.3 Remote Array Overrun
2009-11-19 SeaMonkey 1.1.8 Remote Array Overrun
2009-11-19 KDE KDELibs 4.3.3 Remote Array Overrun

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for firefox CESA-2009:1530 centos4 i386
File : nvt/gb_CESA-2009_1530_firefox_centos4_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1531 centos3 i386
File : nvt/gb_CESA-2009_1531_seamonkey_centos3_i386.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1531 centos4 i386
File : nvt/gb_CESA-2009_1531_seamonkey_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdelibs CESA-2009:1601 centos4 i386
File : nvt/gb_CESA-2009_1601_kdelibs_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdelibs CESA-2009:1601 centos5 i386
File : nvt/gb_CESA-2009_1601_kdelibs_centos5_i386.nasl
2011-08-09 Name : CentOS Update for thunderbird CESA-2010:0153 centos5 i386
File : nvt/gb_CESA-2010_0153_thunderbird_centos5_i386.nasl
2010-05-12 Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-04-29 Name : Fedora Update for seamonkey FEDORA-2010-7100
File : nvt/gb_fedora_2010_7100_seamonkey_fc11.nasl
2010-04-16 Name : Mandriva Update for krb5 MDVSA-2010:071 (krb5)
File : nvt/gb_mandriva_MDVSA_2010_071.nasl
2010-03-30 Name : FreeBSD Ports: seamonkey, linux-seamonkey
File : nvt/freebsd_seamonkey.nasl
2010-03-22 Name : RedHat Update for thunderbird RHSA-2010:0154-02
File : nvt/gb_RHSA-2010_0154-02_thunderbird.nasl
2010-03-22 Name : Ubuntu Update for thunderbird vulnerabilities USN-915-1
File : nvt/gb_ubuntu_USN_915_1.nasl
2010-03-22 Name : CentOS Update for thunderbird CESA-2010:0154 centos4 i386
File : nvt/gb_CESA-2010_0154_thunderbird_centos4_i386.nasl
2010-02-25 Name : Debian Security Advisory DSA 1998-1 (kdelibs)
File : nvt/deb_1998_1.nasl
2010-01-29 Name : Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2010_027.nasl
2010-01-29 Name : Mandriva Update for kdelibs4 MDVSA-2010:028 (kdelibs4)
File : nvt/gb_mandriva_MDVSA_2010_028.nasl
2009-12-14 Name : SLES11: Security update for kdelibs3
File : nvt/sles11_kdelibs3.nasl
2009-12-14 Name : Mandriva Security Advisory MDVSA-2009:330 (kdelibs)
File : nvt/mdksa_2009_330.nasl
2009-12-10 Name : FreeBSD Ports: opera
File : nvt/freebsd_opera19.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:290-1 (firefox)
File : nvt/mdksa_2009_290_1.nasl
2009-12-03 Name : RedHat Security Advisory RHSA-2009:1601
File : nvt/RHSA_2009_1601.nasl
2009-11-23 Name : Ubuntu USN-853-1 (xulrunner-1.9.1)
File : nvt/ubuntu_853_1.nasl
2009-11-11 Name : SLES11: Security update for Mozilla Firefox
File : nvt/sles11_MozillaFirefox7.nasl
2009-11-11 Name : SLES11: Security update for Mozilla
File : nvt/sles11_mozilla-nspr.nasl
2009-11-11 Name : SLES11: Security update for Mozilla XULRunner
File : nvt/sles11_mozilla-xulrunn1.nasl
2009-11-11 Name : SuSE Security Advisory SUSE-SA:2009:052 (MozillaFirefox)
File : nvt/suse_sa_2009_052.nasl
2009-11-11 Name : SLES10: Security update for Mozilla XULRunner
File : nvt/sles10_mozilla-xulrunn0.nasl
2009-11-11 Name : SuSE Security Summary SUSE-SR:2009:018
File : nvt/suse_sr_2009_018.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1531
File : nvt/RHSA_2009_1531.nasl
2009-11-11 Name : SLES10: Security update for mozilla-nspr
File : nvt/sles10_mozilla-nspr0.nasl
2009-11-11 Name : SLES10: Security update for Mozilla Firefox
File : nvt/sles10_MozillaFirefox7.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1531 (seamonkey)
File : nvt/ovcesa2009_1531.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1530 (firefox)
File : nvt/ovcesa2009_1530.nasl
2009-11-11 Name : Mandriva Security Advisory MDVSA-2009:290 (firefox)
File : nvt/mdksa_2009_290.nasl
2009-11-11 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox42.nasl
2009-11-11 Name : Fedora Core 10 FEDORA-2009-10981 (blam)
File : nvt/fcore_2009_10981.nasl
2009-11-11 Name : Fedora Core 11 FEDORA-2009-10878 (chmsee)
File : nvt/fcore_2009_10878.nasl
2009-11-11 Name : Debian Security Advisory DSA 1931-1 (nspr)
File : nvt/deb_1931_1.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1530
File : nvt/RHSA_2009_1530.nasl
2009-11-02 Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Win)
File : nvt/gb_firefox_mult_vuln_nov09_win.nasl
2009-11-02 Name : Mozilla Firefox Multiple Vulnerabilities Nov-09 (Linux)
File : nvt/gb_firefox_mult_vuln_nov09_lin.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
63646 J Programming Language libc dtoa Implementation Floating Point Parsing Memory...

63641 Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption

63639 Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption

62402 K-Meleon libc dtoa Implementation Floating Point Parsing Memory Corruption

61189 Mozilla Sunbird libc dtoa Implementation Floating Point Parsing Memory Corrup...

61188 Flock Browser libc dtoa Implementation Floating Point Parsing Memory Corruption

61187 KDE kdelibs libc dtoa Implementation Floating Point Parsing Memory Corruption

61186 Opera libc dtoa Implementation Floating Point Parsing Memory Corruption

61091 Mozilla Multiple Products libc dtoa Implementation Floating Point Parsing Mem...

55603 libc gdtoa/misc.c dtoa() Implementation printf Function Array Overflow

Snort® IPS/IDS

Date Description
2014-01-10 Mozilla products floating point buffer overflow attempt
RuleID : 21155 - Revision : 6 - Type : BROWSER-FIREFOX
2014-01-10 Mozilla products floating point buffer overflow attempt
RuleID : 21154 - Revision : 6 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

Date Description
2018-11-02 Name : The remote Debian host is missing a security update.
File : debian_DLA-1564.nasl - Type : ACT_GATHER_INFO
2016-12-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2958-1.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0001_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote Fedora host is missing a security update.
File : fedora_2015-6dec4e6d5f.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0257-1.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_4b3a7e70afce11e5b86414dae9d210b8.nasl - Type : ACT_GATHER_INFO
2016-01-04 Name : The remote Debian host is missing a security update.
File : debian_DLA-376.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0312.nasl - Type : ACT_GATHER_INFO
2014-03-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2013-12-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ruby-131125.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091027_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091027_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091124_kdelibs_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20100317_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6609.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdelibs3-6692.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-nspr-6631.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6617.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-028.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-027.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-294.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-7100.nasl - Type : ACT_GATHER_INFO
2010-05-20 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_seamonkey-100430.nasl - Type : ACT_GATHER_INFO
2010-05-20 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_seamonkey-100430.nasl - Type : ACT_GATHER_INFO
2010-05-20 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12616.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-04-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-071.nasl - Type : ACT_GATHER_INFO
2010-03-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO
2010-03-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaThunderbird-100324.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0153.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO
2010-03-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_56cfe192329f11dfabb2000f20797ede.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1119.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0154.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-915-1.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_20024.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1998.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1931.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kdelibs4-100107.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0001.nasl - Type : ACT_GATHER_INFO
2009-12-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-346.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12563.nasl - Type : ACT_GATHER_INFO
2009-12-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-871-2.nasl - Type : ACT_GATHER_INFO
2009-12-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-871-1.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kdelibs3-091204.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kdelibs3-091202.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdelibs3-6691.nasl - Type : ACT_GATHER_INFO
2009-12-04 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-290.nasl - Type : ACT_GATHER_INFO
2009-12-02 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6431c4dbdeb411de90780030843d3802.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_opera-091125.nasl - Type : ACT_GATHER_INFO
2009-11-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1601.nasl - Type : ACT_GATHER_INFO
2009-11-25 Name : The remote host contains a web browser that is affected by multiple issues.
File : opera_1010.nasl - Type : ACT_GATHER_INFO
2009-11-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-853-2.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-nspr-6630.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-nspr-091103.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_mozilla-nspr-091104.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-091102.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-10981.nasl - Type : ACT_GATHER_INFO
2009-11-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-091103.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6606.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-xulrunner190-091030.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6616.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-091030.nasl - Type : ACT_GATHER_INFO
2009-11-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-853-1.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-10878.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c87aa2d2c3c411deab08000f20797ede.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3015.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_354.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2009-10-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1530.nasl - Type : ACT_GATHER_INFO
2009-10-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1531.nasl - Type : ACT_GATHER_INFO
2009-10-01 Name : The remote host contains a web browser that is affected by a buffer overflow ...
File : google_chrome_3_0_195_24.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
APPLE http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
BID http://www.securityfocus.com/bid/35510
BUGTRAQ http://www.securityfocus.com/archive/1/507977/100/0/threaded
http://www.securityfocus.com/archive/1/507979/100/0/threaded
http://www.securityfocus.com/archive/1/508417/100/0/threaded
http://www.securityfocus.com/archive/1/508423/100/0/threaded
CONFIRM http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h
http://support.apple.com/kb/HT4077
http://support.apple.com/kb/HT4225
http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c
http://www.opera.com/support/kb/view/942/
https://bugzilla.mozilla.org/show_bug.cgi?id=516396
https://bugzilla.mozilla.org/show_bug.cgi?id=516862
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
MISC http://secunia.com/secunia_research/2009-35/
MLIST https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://rhn.redhat.com/errata/RHSA-2014-0311.html
http://rhn.redhat.com/errata/RHSA-2014-0312.html
http://www.redhat.com/support/errata/RHSA-2009-1601.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
SECTRACK http://securitytracker.com/id?1022478
SECUNIA http://secunia.com/advisories/37431
http://secunia.com/advisories/37682
http://secunia.com/advisories/37683
http://secunia.com/advisories/38066
http://secunia.com/advisories/38977
http://secunia.com/advisories/39001
SREASONRES http://securityreason.com/achievement_securityalert/63
http://securityreason.com/achievement_securityalert/69
http://securityreason.com/achievement_securityalert/71
http://securityreason.com/achievement_securityalert/72
http://securityreason.com/achievement_securityalert/73
http://securityreason.com/achievement_securityalert/75
http://securityreason.com/achievement_securityalert/76
http://securityreason.com/achievement_securityalert/77
http://securityreason.com/achievement_securityalert/78
http://securityreason.com/achievement_securityalert/81
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
SUSE http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
UBUNTU http://www.ubuntu.com/usn/USN-915-1
VUPEN http://www.vupen.com/english/advisories/2009/3297
http://www.vupen.com/english/advisories/2009/3299
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0094
http://www.vupen.com/english/advisories/2010/0648
http://www.vupen.com/english/advisories/2010/0650

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Date Informations
2020-05-23 00:23:24
  • Multiple Updates
2019-03-19 12:03:06
  • Multiple Updates
2018-11-02 13:20:28
  • Multiple Updates
2018-10-11 00:19:31
  • Multiple Updates
2017-09-29 09:24:05
  • Multiple Updates
2016-12-02 13:24:58
  • Multiple Updates
2016-04-26 18:39:34
  • Multiple Updates
2016-03-09 13:25:54
  • Multiple Updates
2016-03-05 13:26:42
  • Multiple Updates
2016-01-29 13:26:20
  • Multiple Updates
2016-01-05 13:25:44
  • Multiple Updates
2014-11-08 13:29:44
  • Multiple Updates
2014-03-26 13:21:50
  • Multiple Updates
2014-03-21 13:21:25
  • Multiple Updates
2014-03-20 13:21:37
  • Multiple Updates
2014-02-17 10:48:58
  • Multiple Updates
2014-01-19 21:25:43
  • Multiple Updates
2013-05-10 23:45:04
  • Multiple Updates