exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2009-0585

Status Candidate

Overview

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Related Files

Mandriva Linux Security Advisory 2009-081
Posted Mar 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-081 - An integer overflow in libsoup Base64 encoding and decoding functions enables attackers either to cause denial of service and to execute arbitrary code. This update provides the fix for that security issue.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0585
SHA-256 | 0218a675d4af22d7953ff8facbadd56fc42d0d245c1acf552ca37aaa99c6e354
Debian Linux Security Advisory 1748-1
Posted Mar 24, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1748-1 - It was discovered that libsoup, an HTTP library implementation in C, handles large strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2009-0585
SHA-256 | 1f4b63ede43694dd4314bde597b03ac678c793aeb27c9bb4ba71472bfff595f1
Ubuntu Security Notice 737-1
Posted Mar 16, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-737-1 - It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0585
SHA-256 | f874a8bcf1deb0809b7e56c5833224376f539f277c373bf447e52e2715662ad5
Open Source CERT Security Advisory 2008.15
Posted Mar 12, 2009
Authored by Will Drewry, Open Source CERT | Site ocert.org

Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2008-4316, CVE-2009-0585, CVE-2009-0586, CVE-2009-0587
SHA-256 | 53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close