// For flags

CVE-2009-0585

libsoup: integer overflow in soup_base64_encode()

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Un desbordamiento de entero en la función soup_base64_encode en sopa-misc.c en libsoup 2.x.x antes de 2.2.x, y 2.x antes de 2.24, permite a atacantes dependientes del contexto ejecutar código arbitrario a través de una cadena demasiado larga que se convierte en una representación en base64.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-02-13 CVE Reserved
  • 2009-03-12 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-189: Numeric Errors
  • CWE-190: Integer Overflow or Wraparound
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Joe Shaw
Search vendor "Joe Shaw"
Libsoup
Search vendor "Joe Shaw" for product "Libsoup"
2.1
Search vendor "Joe Shaw" for product "Libsoup" and version "2.1"
-
Affected
Joe Shaw
Search vendor "Joe Shaw"
Libsoup
Search vendor "Joe Shaw" for product "Libsoup"
2.23.1
Search vendor "Joe Shaw" for product "Libsoup" and version "2.23.1"
-
Affected
Joe Shaw
Search vendor "Joe Shaw"
Libsoup
Search vendor "Joe Shaw" for product "Libsoup"
2.23.6
Search vendor "Joe Shaw" for product "Libsoup" and version "2.23.6"
-
Affected
Joe Shaw
Search vendor "Joe Shaw"
Libsoup
Search vendor "Joe Shaw" for product "Libsoup"
2.23.91
Search vendor "Joe Shaw" for product "Libsoup" and version "2.23.91"
-
Affected
Joe Shaw
Search vendor "Joe Shaw"
Libsoup
Search vendor "Joe Shaw" for product "Libsoup"
2.23.92
Search vendor "Joe Shaw" for product "Libsoup" and version "2.23.92"
-
Affected