{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63614?format=json","vulnerability_id":"VCID-2jhf-j64s-gygy","summary":"Security researcher Alin Rad Pop of Secunia\nResearch reported a heap-based buffer overflow in Mozilla's string to\nfloating point number conversion routines.  Using this vulnerability\nan attacker could craft some malicious JavaScript code containing a\nvery long string to be converted to a floating point number which\nwould result in improper memory allocation and the execution of an\narbitrary memory location.  This vulnerability could thus be leveraged\nby the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used\nby Mozilla appears to be essentially the same as that reported against the\nlibc gdtoa routine by Maksymilian Arciemowicz.","aliases":[{"alias":"CVE-2009-0689"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/931061?format=json","purl":"pkg:deb/debian/mono@4.2.1.102%2Bdfsg2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.2.1.102%252Bdfsg2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1050370?format=json","purl":"pkg:deb/debian/mono@4.6.2.7%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-xzc1-cy42-2ub4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@4.6.2.7%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/931052?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931050?format=json","purl":"pkg:deb/debian/mono@6.8.0.105%2Bdfsg-3.3%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.8.0.105%252Bdfsg-3.3%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931054?format=json","purl":"pkg:deb/debian/mono@6.12.0.199%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.12.0.199%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/931053?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1104238?format=json","purl":"pkg:deb/debian/mono@6.14.1%2Bds2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@6.14.1%252Bds2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932948?format=json","purl":"pkg:deb/debian/nspr@4.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@4.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/572072?format=json","purl":"pkg:deb/debian/nspr@4.8.6-1%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-49hp-8pm6-vkhr"},{"vulnerability":"VCID-97rg-h7t5-1fhs"},{"vulnerability":"VCID-ap6c-9pta-wbdz"},{"vulnerability":"VCID-r1pj-wxzf-5ubj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@4.8.6-1%252Bsqueeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/932949?format=json","purl":"pkg:deb/debian/nspr@2:4.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932947?format=json","purl":"pkg:deb/debian/nspr@2:4.35-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.35-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932951?format=json","purl":"pkg:deb/debian/nspr@2:4.36-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.36-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/932950?format=json","purl":"pkg:deb/debian/nspr@2:4.38.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.38.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/86696?format=json","purl":"pkg:mozilla/Firefox@3.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/86695?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035136?format=json","purl":"pkg:deb/debian/mono@1.2.2.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4g67-mxz3-27ak"},{"vulnerability":"VCID-75b6-ycq1-93ay"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-c1c3-ck5x-mkay"},{"vulnerability":"VCID-f6cm-frak-aydf"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-nz8p-usaz-8kgt"},{"vulnerability":"VCID-s4yu-1s7d-bufz"},{"vulnerability":"VCID-sgsg-b4yc-juh6"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"},{"vulnerability":"VCID-yqu4-jn6n-eug3"},{"vulnerability":"VCID-z7ht-bq8z-3qgd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.2.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035137?format=json","purl":"pkg:deb/debian/mono@1.2.2.1-1etch1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4g67-mxz3-27ak"},{"vulnerability":"VCID-75b6-ycq1-93ay"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-c1c3-ck5x-mkay"},{"vulnerability":"VCID-f6cm-frak-aydf"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-nz8p-usaz-8kgt"},{"vulnerability":"VCID-s4yu-1s7d-bufz"},{"vulnerability":"VCID-sgsg-b4yc-juh6"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"},{"vulnerability":"VCID-yqu4-jn6n-eug3"},{"vulnerability":"VCID-z7ht-bq8z-3qgd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.2.2.1-1etch1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035138?format=json","purl":"pkg:deb/debian/mono@1.9.1%2Bdfsg-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4g67-mxz3-27ak"},{"vulnerability":"VCID-75b6-ycq1-93ay"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-c1c3-ck5x-mkay"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-nz8p-usaz-8kgt"},{"vulnerability":"VCID-s4yu-1s7d-bufz"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"},{"vulnerability":"VCID-z7ht-bq8z-3qgd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@1.9.1%252Bdfsg-6"},{"url":"http://public2.vulnerablecode.io/api/packages/1035139?format=json","purl":"pkg:deb/debian/mono@2.6.7-5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-75b6-ycq1-93ay"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-nz8p-usaz-8kgt"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035140?format=json","purl":"pkg:deb/debian/mono@2.6.7-5.1%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-75b6-ycq1-93ay"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-nz8p-usaz-8kgt"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.6.7-5.1%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035141?format=json","purl":"pkg:deb/debian/mono@2.10.8.1-8%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-fc3w-b9en-rbbm"},{"vulnerability":"VCID-nssu-1x9p-mudc"},{"vulnerability":"VCID-w6qh-dtdh-1bep"},{"vulnerability":"VCID-xzc1-cy42-2ub4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@2.10.8.1-8%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1050369?format=json","purl":"pkg:deb/debian/mono@3.2.8%2Bdfsg-10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-azkx-bdnb-ebbg"},{"vulnerability":"VCID-xzc1-cy42-2ub4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mono@3.2.8%252Bdfsg-10"},{"url":"http://public2.vulnerablecode.io/api/packages/572071?format=json","purl":"pkg:deb/debian/nspr@4.7.1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-49hp-8pm6-vkhr"},{"vulnerability":"VCID-53kn-ev4f-dufh"},{"vulnerability":"VCID-97rg-h7t5-1fhs"},{"vulnerability":"VCID-ap6c-9pta-wbdz"},{"vulnerability":"VCID-r1pj-wxzf-5ubj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@4.7.1-5"},{"url":"http://public2.vulnerablecode.io/api/packages/128146?format=json","purl":"pkg:rpm/redhat/firefox@3.0.15-3?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.15-3%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128156?format=json","purl":"pkg:rpm/redhat/firefox@3.0.15-3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.15-3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/128157?format=json","purl":"pkg:rpm/redhat/kdelibs@6:3.3.1-17.el4_8?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kdelibs@6:3.3.1-17.el4_8%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/128150?format=json","purl":"pkg:rpm/redhat/kdelibs@6:3.5.4-25.el5_4?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kdelibs@6:3.5.4-25.el5_4%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/128158?format=json","purl":"pkg:rpm/redhat/nspr@4.7.6-1?arch=el4_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.7.6-1%3Farch=el4_8"},{"url":"http://public2.vulnerablecode.io/api/packages/128151?format=json","purl":"pkg:rpm/redhat/nspr@4.7.6-1?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.7.6-1%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128147?format=json","purl":"pkg:rpm/redhat/php@5.1.6-23.6?arch=el5_3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-23.6%3Farch=el5_3"},{"url":"http://public2.vulnerablecode.io/api/packages/128155?format=json","purl":"pkg:rpm/redhat/php@5.1.6-27.el5_6?arch=7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-27.el5_6%3Farch=7"},{"url":"http://public2.vulnerablecode.io/api/packages/128153?format=json","purl":"pkg:rpm/redhat/php@5.1.6-40.el5_9?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-40.el5_9%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/128149?format=json","purl":"pkg:rpm/redhat/php@5.1.6-44?arch=el5_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-c9kd-927x-5ket"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-44%3Farch=el5_10"},{"url":"http://public2.vulnerablecode.io/api/packages/128152?format=json","purl":"pkg:rpm/redhat/seamonkey@1.0.9-0.47?arch=el3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-d5ha-6epq-afd4"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-0.47%3Farch=el3"},{"url":"http://public2.vulnerablecode.io/api/packages/128154?format=json","purl":"pkg:rpm/redhat/seamonkey@1.0.9-50?arch=el4_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-d5ha-6epq-afd4"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-50%3Farch=el4_8"},{"url":"http://public2.vulnerablecode.io/api/packages/127945?format=json","purl":"pkg:rpm/redhat/thunderbird@1.5.0.12-25?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-1n9c-e6em-kbb6"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-3bf4-ms9e-x3dq"},{"vulnerability":"VCID-53kn-ev4f-dufh"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-85v1-yb4g-bqa4"},{"vulnerability":"VCID-89ja-f5vc-83d3"},{"vulnerability":"VCID-8kzv-qk9n-9ydf"},{"vulnerability":"VCID-9jkh-xn2d-3bdx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-cwsk-1qr2-1fed"},{"vulnerability":"VCID-jwsm-57gb-jkb4"},{"vulnerability":"VCID-sapd-n7mr-eudc"},{"vulnerability":"VCID-usb1-ure3-77ft"},{"vulnerability":"VCID-v7mb-nqbm-93bs"},{"vulnerability":"VCID-wqza-9p8v-4kek"},{"vulnerability":"VCID-y1cq-jzte-p3hq"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.12-25%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/127943?format=json","purl":"pkg:rpm/redhat/thunderbird@2.0.0.24-2?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-1n9c-e6em-kbb6"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-3bf4-ms9e-x3dq"},{"vulnerability":"VCID-53kn-ev4f-dufh"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-85v1-yb4g-bqa4"},{"vulnerability":"VCID-89ja-f5vc-83d3"},{"vulnerability":"VCID-8kzv-qk9n-9ydf"},{"vulnerability":"VCID-9jkh-xn2d-3bdx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-cwsk-1qr2-1fed"},{"vulnerability":"VCID-jwsm-57gb-jkb4"},{"vulnerability":"VCID-sapd-n7mr-eudc"},{"vulnerability":"VCID-usb1-ure3-77ft"},{"vulnerability":"VCID-v7mb-nqbm-93bs"},{"vulnerability":"VCID-wqza-9p8v-4kek"},{"vulnerability":"VCID-y1cq-jzte-p3hq"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@2.0.0.24-2%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128148?format=json","purl":"pkg:rpm/redhat/xulrunner@1.9.0.15-3?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xulrunner@1.9.0.15-3%3Farch=el5_4"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689","reference_id":"","reference_type":"","scores":[{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97465","published_at":"2026-05-14T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.9745","published_at":"2026-05-11T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97455","published_at":"2026-05-12T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97444","published_at":"2026-05-07T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97447","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784","reference_id":"539784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689","reference_id":"CVE-2009-0689","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt","reference_id":"CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt"},{"reference_url":"https://www.securityfocus.com/bid/37078/info","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37078/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt"},{"reference_url":"https://www.securityfocus.com/bid/37080/info","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37080/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt"},{"reference_url":"https://www.securityfocus.com/bid/36851/info","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36851/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt","reference_id":"CVE-2009-0689;OSVDB-62402","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c"},{"reference_url":"https://www.securityfocus.com/bid/35510/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35510/info"},{"reference_url":"https://www.securityfocus.com/bid/37687/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37687/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt"},{"reference_url":"https://www.securityfocus.com/bid/37688/info","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37688/info"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59","reference_id":"mfsa2009-59","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl","reference_id":"OSVDB-61189;CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1601","reference_id":"RHSA-2009:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0311","reference_id":"RHSA-2014:0311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0312","reference_id":"RHSA-2014:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0312"},{"reference_url":"https://usn.ubuntu.com/871-1/","reference_id":"USN-871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/871-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"weaknesses":[],"exploits":[{"date_added":"2009-12-10","description":"Sunbird 0.9 - Array Overrun Code Execution","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":false,"source_date_published":"2009-12-11","exploit_type":"remote","platform":"windows","source_date_updated":"2013-12-09","data_source":"Exploit-DB","source_url":""}],"severity_range_score":"6.4 - 10.0","exploitability":"2.0","weighted_severity":"9.0","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy"}