Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0585

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-0585
Last Modified 21 Aug 2010 01:30:35
Published 14 Mar 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0585

Summary

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Vulnerable Systems

Application

  • Joe Shaw Libsoup 2.1

  • Joe Shaw Libsoup 2.23.1

  • Joe Shaw Libsoup 2.23.6

  • Joe Shaw Libsoup 2.23.91

  • Joe Shaw Libsoup 2.23.92


References

BID - 34100

MLIST - [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows

MISC - http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff

XF - libsoup-soupmisc-bo(49273)

UBUNTU - USN-737-1

BUGTRAQ - 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows

REDHAT - RHSA-2009:0344

MISC - http://www.ocert.org/advisories/ocert-2008-015.html

MANDRIVA - MDVSA-2009:081

DEBIAN - DSA-1748

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm

SECUNIA - 35065

SECUNIA - 34401

SECUNIA - 34337

SECUNIA - 34310

SUSE - SUSE-SR:2009:010

Related Patches

Novell SUSE 2009:6223 libsoup security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:50:18