VMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued.
0ae5770077c762418cfd24f3ee041e3030eda4c4cf779c13c8b5a0c5d3c879caSUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.
427e328c4b032da7dde92fb10cd1cc8487f3a3aa216decfff08d5507caa4d5a0SUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.
0819fc08a7b0112e84164a490ba13e08dbf8fb21bfae4fd677f800d9b9269d4fGentoo Linux Security Advisory GLSA 200904-02 - Multiple integer overflows might allow for the execution of arbitrary code when performing base64 conversion. Diego E. Petten
b1f5122f460acca80b8b244df0c098601842f6632d0c39361c27fed30552d0cfMandriva Linux Security Advisory 2009-080 - Multiple integer overflows in GLib's Base64 encoding and decoding functions enable attackers (possibly remote ones, depending on the applications glib2 is linked against with - mostly GNOME ones) either to cause denial of service and to execute arbitrary code via an untrusted input. This update provide the fix for that security issue.
8546c2803b7d9dd0a567710d603756b33cde91e984e1d57910ee82daf034c3dcDebian Security Advisory 1747-1 - Diego Petten discovered that glib2.0, the GLib library of C routines, handles large strings insecurely via its Base64 encoding functions. This could possible lead to the execution of arbitrary code.
825ac558e6c3b4712528cf64fd06562736392f48b14da0f81a2337273e453ee4Ubuntu Security Notice USN-738-1 - Diego Petten discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program.
142d7caef8306ce3d9680632ff5816cfb188d0250570f70c3e4e04b9f8e64061Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.
53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed