CVE-2009-0585

2009-03-14 19:30:00 2018-10-10 21:29:34

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Joe shaw Libsoup 2.23.92 (not an official CPE) Joe shaw Libsoup 2.23.91 (not an official CPE) Joe shaw Libsoup 2.23.1 (not an official CPE) Joe shaw Libsoup 2.23.6 (not an official CPE) Joe shaw Libsoup 2.1 (not an official CPE)

Joe shaw - Libsoup

Advisory	Patch	Confirmed	Link
			libsoup-soupmisc-bo(49273)
			20090312 [oCERT-2008-015] glib and glib-predecessor heap...
			USN-737-1
			34100
			http://www.ocert.org/advisories/ocert-2008-015.html
			RHSA-2009:0344
			MDVSA-2009:081
			DSA-1748
			http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585....
			[oss-security] 20090312 [oCERT-2008-015] glib and glib-p...
			http://support.avaya.com/elmodocs2/security/ASA-2009-088...
			SUSE-SR:2009:010

CVE-2009-0585

2009-03-14 19:30:00 2018-10-10 21:29:34

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)