CVE-2009-0585 – libsoup: integer overflow in soup_base64_encode()

https://notcve.org/view.php?id=CVE-2009-0585

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation. Un desbordamiento de entero en la función soup_base64_encode en sopa-misc.c en libsoup 2.x.x antes de 2.2.x, y 2.x antes de 2.24, permite a atacantes dependientes del contexto ejecutar código arbitrario a través de una cadena demasiado larga que se convierte en una representación en base64. • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff http://openwall.com/lists/oss-security/2009/03/12/2 http://secunia.com/advisories/34310 http://secunia.com/advisories/34337 http://secunia.com/advisories/34401 http://secunia.com/advisories/35065 http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm http://www.debian.org/security/2009/dsa-1748 http://www.mandriva.com/security/a • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •