Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4316

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-4316
Last Modified 21 Aug 2010 01:24:10
Published 14 Mar 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4316

Summary

Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.

Vulnerable Systems

Application

  • Gnome Glib 2.14.5

  • Gnome Glib 2.14.6

  • Gnome Glib 2.16.3

  • Gnome Glib 2.16.4

  • Gnome Glib 2.2.1


References

BID - 34100

CONFIRM - http://svn.gnome.org/viewvc/glib?view=revision&revision=7973

MLIST - [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows

MISC - http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff

FEDORA - FEDORA-2009-2688

XF - glib-gbase64-bo(49272)

VUPEN - ADV-2010-0528

UBUNTU - USN-738-1

SECTRACK - 1021884

BUGTRAQ - 20090312 rPSA-2009-0045-1 glib

BUGTRAQ - 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows

REDHAT - RHSA-2009:0336

FEDORA - FEDORA-2009-2657

MLIST - [oss-security] 20090317 Re: [oCERT-2008-015] glib and glib-predecessor heap overflows

MISC - http://www.ocert.org/advisories/ocert-2008-015.html

MANDRIVA - MDVSA-2009:080

DEBIAN - DSA-1747

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0045

SECUNIA - 38833

SECUNIA - 38794

SECUNIA - 34890

SECUNIA - 34854

SECUNIA - 34560

SECUNIA - 34416

SECUNIA - 34404

SECUNIA - 34317

SECUNIA - 34267

MLIST - [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

SUSE - SUSE-SA:2009:026

Related Patches

SUN149112-01 Solaris 10 SPARC: libglib-2.0.so.0.1800.3 patch (Rev 2)

SUN149113-01 Solaris 10 x86: libglib-2.0.so.0.1800.3 patch (Rev 2)


Last Updated: 27 May 2016 10:48:27