Upstream information

CVE-2011-0990 at MITRE

Description

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.8
Vector AV:N/AC:M/Au:N/C:N/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 667077 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP1
  • libmoon0 >= 2.4.1-0.5.1
  • moonlight-plugin >= 2.4.1-0.5.1
  • moonlight-tools >= 2.4.1-0.5.1
Builds
SAT Patch Nr: 4246
openSUSE 11.3
  • libmoon0-debuginfo >= 2.4.1-0.2.1
  • moonlight-debugsource >= 2.4.1-0.2.1
  • moonlight-plugin-debuginfo >= 2.4.1-0.2.1
openSUSE 11.3
  • libmoon-devel >= 2.4.1-0.2.1
  • libmoon0 >= 2.4.1-0.2.1
  • moonlight-desktop >= 2.4.1-0.2.1
  • moonlight-desktop-devel >= 2.4.1-0.2.1
  • moonlight-plugin >= 2.4.1-0.2.1
  • moonlight-tools >= 2.4.1-0.2.1
  • moonlight-web-devel >= 2.4.1-0.2.1
openSUSE 11.4
  • libmoon-devel >= 2.4.1-0.3.1
  • libmoon0 >= 2.4.1-0.3.1
  • moonlight-desktop >= 2.4.1-0.3.1
  • moonlight-desktop-devel >= 2.4.1-0.3.1
  • moonlight-plugin >= 2.4.1-0.3.1
  • moonlight-tools >= 2.4.1-0.3.1
  • moonlight-web-devel >= 2.4.1-0.3.1
openSUSE 11.4
  • libmoon-devel >= 2.4.1-0.3.1
  • libmoon0 >= 2.4.1-0.3.1
  • libmoon0-debuginfo >= 2.4.1-0.3.1
  • moonlight-debugsource >= 2.4.1-0.3.1
  • moonlight-desktop >= 2.4.1-0.3.1
  • moonlight-desktop-devel >= 2.4.1-0.3.1
  • moonlight-plugin >= 2.4.1-0.3.1
  • moonlight-plugin-debuginfo >= 2.4.1-0.3.1
  • moonlight-tools >= 2.4.1-0.3.1
  • moonlight-web-devel >= 2.4.1-0.3.1
Patchnames:
libmoon-devel


Status of this issue by product and package

Product(s) Source package State
SUSE Linux Enterprise Desktop 11 SP1 moonlight Released
SUSE Linux Enterprise Desktop 11 SP2 moonlight Released
SUSE Linux Enterprise Desktop 11 SP3 moonlight Released
SUSE Linux Enterprise Desktop 11 SP4 moonlight Released