Unrated severityNVD Advisory· Published Jan 19, 2010· Updated Apr 23, 2026
CVE-2009-4012
CVE-2009-4012
Description
Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c. NOTE: some of these details are obtained from third party information.
Affected products
13cpe:2.3:a:linux.thai:libthai:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:linux.thai:libthai:*:*:*:*:*:*:*:*range: <=0.1.12
- cpe:2.3:a:linux.thai:libthai:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:linux.thai:libthai:0.1.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- security.debian.org/pool/updates/main/libt/libthai/libthai_0.1.6-1+etch1.diff.gznvdPatch
- security.debian.org/pool/updates/main/libt/libthai/libthai_0.1.9-4+lenny1.diff.gznvdPatch
- secunia.com/advisories/38196nvdVendor Advisory
- secunia.com/advisories/38213nvdVendor Advisory
- linux.thai.net/node/184nvd
- linux.thai.net/svn/software/libthai/tags/r_0_1_13/ChangeLognvd
- lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.htmlnvd
- secunia.com/advisories/38235nvd
- secunia.com/advisories/38420nvd
- ubuntu.com/usn/usn-887-1nvd
- www.debian.org/security/2010/dsa-1971nvd
- www.securityfocus.com/bid/37822nvd
News mentions
0No linked articles in our index yet.