Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-0689: Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeBSD

Severity: 6.8 MEDIUM (NVD)
EPSS: 41.8% (top 2.57%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Jul 1; latest update May 2

Description

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages (5 packages)

NVD: mozilla/firefox, 18 versions (+17)
Debian: mono/mono < 4.2.1.102+dfsg2-4 (+3)

Also affects: NetBSD 5.0, FreeBSD 6.4, 7.2

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-99jp-rppc-jgcm: Array index error in the (1) dtoa implementation in dtoa (2022-05-02)
CVEList: CVE-2009-0689: Array index error in the (1) dtoa implementation in dtoa (2009-07-01)
OSV: CVE-2009-0689: Array index error in the (1) dtoa implementation in dtoa (2009-07-01)

💥 Exploits & PoCs (11)

Exploit-DB: MATLAB R2009b - 'dtoa' Implementation Memory Corruption (2010-01-08)
Exploit-DB: Apple Mac OSX 10.x - 'libc/strtod(3)' Memory Corruption (2010-01-08)
Exploit-DB: Sunbird 0.9 - Array Overrun Code Execution (2009-12-11)
Exploit-DB: KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution (2009-11-20)
Exploit-DB: Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution (2009-11-20)

📋 Vendor Advisories (5)

Ubuntu: Thunderbird vulnerabilities (2010-03-18)
Ubuntu: KDE vulnerabilities (2009-12-11)
Red Hat: array index error in dtoa implementation of many products (2009-11-20)
Red Hat: firefox: (rejected CVE-2009-1563) Firefox heap buffer overflow in string to number conversion (2009-10-27)
Debian: CVE-2009-0689: mono - Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the... (2009)

💬 Community (4)

Bugzilla: mono: Converting specially crafted string to float causes crash and possible code execution (2015-12-22)
Bugzilla: php: heap overflow in floating point parsing (2014-01-24)
HackerOne: Ruby: Heap Overflow in Floating Point Parsing (2013-11-22)
Bugzilla: CVE-2009-0689 array index error in dtoa implementation of many products (2009-11-21)