Debian Security Advisory

DLA-376-1 mono -- LTS security update

Date Reported:

30 Dec 2015

Affected Packages:

mono

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2009-0689.

More information:

Mono's string-to-double parser may crash, on specially crafted input. This could theoretically lead to arbitrary code execution.

This issue has been fixed in Debian 6 Squeeze with the version 2.6.7-5.1+deb6u2 of mono. We recommend that you upgrade your mono packages.