CVE-2011-0989 : The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.9

The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct.

Published 2011-04-13 21:55:01

Updated 2017-08-17 01:33:46

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2011-0989

Probability of exploitation activity in the next 30 days: 3.98%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-0989

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:P	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2011-0989

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-0989

http://www.securityfocus.com/bid/47208

Moonlight Prior to 2.4.1/3.99.3 Multiple Security Vulnerabilities

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2011-04/msg00024.html

openSUSE-SU-2011:0313-1 (critical): moonlight security update

CVEs referencing this url
https://bugzilla.novell.com/show_bug.cgi?id=667077

Bug 667077 – VUL-0: Moonlight Multiple Vulnerabilities
Patch

CVEs referencing this url
http://www.mono-project.com/Vulnerabilities

Vulnerabilities | Mono

CVEs referencing this url
http://www.vupen.com/english/advisories/2011/0904

Webmail | OVH- OVH
Vendor Advisory

CVEs referencing this url
https://github.com/mono/mono/commit/035c8587c0d8d307e45f1b7171a0d337bb451f1e

Allow only primitive types/enums in RuntimeHelpers.InitializeArray (). · mono/mono@035c858 · GitHub
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/66624

Momo Moonlight RuntimeHelpers.InitializeArray security bypass CVE-2011-0989 Vulnerability Report
http://openwall.com/lists/oss-security/2011/04/06/14

oss-security - Moonlight release 2.4.1 with security fixes
Patch

CVEs referencing this url

Products affected by CVE-2011-0989

Novell » Moonlight » Version: 3.99
cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*
Matching versions
Novell » Moonlight » Version: 2.31
cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*
Matching versions
Novell » Moonlight » Version: 2.0
cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*
Matching versions
Novell » Moonlight » Version: 3.0
cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*
Matching versions
Novell » Moonlight » Version: 2.3.0
cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*
Matching versions
Novell » Moonlight » Version: 2.4
cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*
Matching versions
Mono » Mono
cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2011-0989

Exploit prediction scoring system (EPSS) score for CVE-2011-0989

CVSS scores for CVE-2011-0989

CWE ids for CVE-2011-0989

References for CVE-2011-0989

Products affected by CVE-2011-0989