Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-3389HistoryDec 17, 2009 - 5:30 p.m.
CVE-2009-3389
2009-12-1717:30:00
Debian Security Bug Tracker
security-tracker.debian.org
20
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.09
Percentile
94.6%
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 11 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 999 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
| Debian | 13 | all | libtheora | < 1.1 | libtheora_1.1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2009-3389
2009-12-15 00:00:00
nvd
nvd
CVE-2009-3389
2009-12-17 17:30:00
cve
cve
CVE-2009-3389
2009-12-17 17:30:00
nessus
nessus
Debian DSA-2045-1 : libtheora - integer overflow
2010-05-12 00:00:00
Mandriva Linux Security Advisory : libtheora (MDVSA-2010:043)
2010-02-22 00:00:00
openSUSE Security Update : libtheora (libtheora-2069)
2010-04-09 00:00:00
openvas
openvas
Mandriva Update for libtheora MDVSA-2010:043 (libtheora)
2010-02-22 00:00:00
Mandriva Update for libtheora MDVSA-2010:043 (libtheora)
2010-02-22 00:00:00
Mandriva Update for pciutils MDVA-2010:043 (pciutils)
2010-01-29 00:00:00
gentoo
gentoo
libtheora: Arbitrary code execution
2013-12-03 00:00:00
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
cvelist
cvelist
CVE-2009-3389
2009-12-17 17:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-67
2009-12-17 00:00:00
Mozilla Firefox multiple security vulnerabilities
2009-12-17 00:00:00
debian
debian
[SECURITY] [DSA 2045-1] New libtheora packages fix arbitrary code execution
2010-05-11 19:33:02
prion
prion
Integer overflow
2009-12-17 17:30:00
mozilla
mozilla
Integer overflow, crash in libtheora video library — Mozilla
2009-12-15 00:00:00
osv
osv
libtheora - arbitrary code execution
2010-05-11 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: seamonkey-2.0.1-1.fc12
2009-12-18 04:36:12
[SECURITY] Fedora 11 Update: yelp-2.26.0-10.fc11
2009-12-18 04:32:41
[SECURITY] Fedora 11 Update: perl-Gtk2-MozEmbed-0.08-6.fc11.8
2009-12-18 04:32:41
ubuntu
ubuntu
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
2009-12-18 00:00:00
Firefox 3.5 and Xulrunner 1.9.1 regression
2010-01-08 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-12-16 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-12-22 15:19:49
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.09
Percentile
94.6%
Related for DEBIANCVE:CVE-2009-3389