SUSE-SA:2009:026 -- SUSE glib2 remote code executionID: oval:org.secpod.oval:def:400094 | Date: (C)2012-01-31 (M)2023-02-20 |
Class: PATCH | Family: unix |
The advisory was resent because the previous one contained the wrong Announcement ID. The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.
Platform: |
openSUSE 10.3 |
openSUSE 11.1 |
openSUSE 11.0 |