Showing 1 - 4 of 4

CVE-2009-0585

Status Candidate

Overview

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Related Files

Mandriva Linux Security Advisory 2009-081: Posted Mar 27, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-081 - An integer overflow in libsoup Base64 encoding and decoding functions enables attackers either to cause denial of service and to execute arbitrary code. This update provides the fix for that security issue.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2009-0585; SHA-256 | 0218a675d4af22d7953ff8facbadd56fc42d0d245c1acf552ca37aaa99c6e354; Download | Favorite | View

Debian Linux Security Advisory 1748-1: Posted Mar 24, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1748-1 - It was discovered that libsoup, an HTTP library implementation in C, handles large strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code.; tags | advisory, web, arbitrary; systems | linux, debian; advisories | CVE-2009-0585; SHA-256 | 1f4b63ede43694dd4314bde597b03ac678c793aeb27c9bb4ba71472bfff595f1; Download | Favorite | View

Ubuntu Security Notice 737-1: Posted Mar 16, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-737-1 - It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2009-0585; SHA-256 | f874a8bcf1deb0809b7e56c5833224376f539f277c373bf447e52e2715662ad5; Download | Favorite | View

Open Source CERT Security Advisory 2008.15: Posted Mar 12, 2009; Authored by Will Drewry, Open Source CERT | Site ocert.org; Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.; tags | advisory, arbitrary, vulnerability, code execution; advisories | CVE-2008-4316, CVE-2009-0585, CVE-2009-0586, CVE-2009-0587; SHA-256 | 53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Jay Turla 150 files
indoushka 139 files
Ubuntu 61 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2009-0585

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems