{"id":"CVE-2009-4012","details":"Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c.  NOTE: some of these details are obtained from third party information.","modified":"2026-04-10T03:40:58.623374Z","published":"2010-01-19T16:30:00Z","related":["openSUSE-SU-2024:10355-1"],"references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/38196"},{"type":"ADVISORY","url":"http://secunia.com/advisories/38213"},{"type":"ADVISORY","url":"http://secunia.com/advisories/38235"},{"type":"ADVISORY","url":"http://secunia.com/advisories/38420"},{"type":"ADVISORY","url":"http://www.debian.org/security/2010/dsa-1971"},{"type":"FIX","url":"http://security.debian.org/pool/updates/main/libt/libthai/libthai_0.1.6-1+etch1.diff.gz"},{"type":"FIX","url":"http://security.debian.org/pool/updates/main/libt/libthai/libthai_0.1.9-4+lenny1.diff.gz"},{"type":"WEB","url":"http://linux.thai.net/node/184"},{"type":"WEB","url":"http://linux.thai.net/svn/software/libthai/tags/r_0_1_13/ChangeLog"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html"},{"type":"WEB","url":"http://ubuntu.com/usn/usn-887-1"},{"type":"WEB","url":"http://www.securityfocus.com/bid/37822"}],"schema_version":"1.7.5"}