Информационная безопасность
[RU] switch to English


Повреждение памяти в библиотеке glib
Опубликовано:15 марта 2009 г.
Источник:
SecurityVulns ID:9743
Тип:библиотека
Уровень опасности:
7/10
Описание:Повреждение памяти в реализации кодирования/декодирования base64
Затронутые продукты:LIBSOUP : libsoup 2.2
 GLIB : glib 2.11
 GLIB : glib 2.12
 GSTREAMER : gstreamer-plugins-base 0.10
CVE:CVE-2009-0587 (Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.)
 CVE-2009-0586 (Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow.)
 CVE-2009-0585 (Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.)
 CVE-2008-4316 (Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.)
Оригинальный текстdocumentWill Drewry, [oCERT-2008-015] glib and glib-predecessor heap overflows (15.03.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород