Denial of Service Vulnerability in Moonlight by Novell
CVE-2011-0989

Currently unrated

Key Information:

Vendor: Novell
Status: Moonlight; Mono
Vendor: CVE Published:; 13 April 2011

Summary

The vulnerability in the RuntimeHelpers.InitializeArray method within Mono allows remote attackers to exploit improper data type restrictions. This can lead to a denial of service where the plugin crashes or results in the corruption of the security manager's internal state through specially crafted media files. Attackers can manipulate internal read-only data structures, increasing the risk of security breaches and service interruptions.

References

https://bugzilla.novell.com/show_bug.cgi?id=667077

x_refsource_CONFIRM

http://www.securityfocus.com/bid/47208

vdb-entryx_refsource_BID

http://openwall.com/lists/oss-security/2011/04/06/14

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Apr 13, 2011
Vulnerability Reserved
Feb 14, 2011