FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mono -- DoS and code execution

Affected packages
mono < 4.2

Details

VuXML ID 4b3a7e70-afce-11e5-b864-14dae9d210b8
Discovery 2015-12-19
Entry 2015-12-31

NCC Group reports:

An attacker who can cause a carefully-chosen string to be converted to a floating-point number can cause a crash and potentially induce arbitrary code execution.

[source]

References

CVE Name CVE-2009-0689
URL http://seclists.org/oss-sec/2015/q4/543

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.