RHSA-2017:2459-01 -- Redhat libsoupID: oval:org.secpod.oval:def:502120 | Date: (C)2017-08-14 (M)2023-12-20 |
Class: PATCH | Family: unix |
The libsoup packages provide an HTTP client and server library for GNOME. Security Fix: * A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code by sending a specially crafted HTTP request to a server using the libsoup HTTP server functionality or by tricking a user into connecting to a malicious HTTP server with an application using the libsoup HTTP client functionality. Red Hat would like to thank Aleksandar Nikolic for reporting this issue.
Platform: |
Red Hat Enterprise Linux 7 |