Lucene search

K

[email protected]CVE-2008-4316

HistoryMar 14, 2009 - 6:30 p.m.

CVE-2008-4316

2009-03-1418:30:00

CWE-189

[email protected]

web.nvd.nist.gov

33

cve-2008-4316

integer overflows

glib

glib 2.20

arbitrary code execution

7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

34.7%

Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.

CPENameOperatorVersion
gnome:glibgnome glibeq2.14.5
gnome:glibgnome glible2.16.4
gnome:glibgnome glibeq2.16.3
gnome:glibgnome glibeq2.14.6
gnome:glibgnome glibeq2.2.1

References

lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html

lists.vmware.com/pipermail/security-announce/2010/000082.html

ocert.org/patches/2008-015/glib-CVE-2008-4316.diff

openwall.com/lists/oss-security/2009/03/12/2

secunia.com/advisories/34267

secunia.com/advisories/34317

secunia.com/advisories/34404

secunia.com/advisories/34416

secunia.com/advisories/34560

secunia.com/advisories/34854

secunia.com/advisories/34890

secunia.com/advisories/38794

secunia.com/advisories/38833

svn.gnome.org/viewvc/glib?view=revision&revision=7973

wiki.rpath.com/Advisories:rPSA-2009-0045

www.debian.org/security/2009/dsa-1747

www.mandriva.com/security/advisories?name=MDVSA-2009:080

www.ocert.org/advisories/ocert-2008-015.html

www.openwall.com/lists/oss-security/2009/03/16/2

www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html

www.redhat.com/support/errata/RHSA-2009-0336.html

www.securityfocus.com/archive/1/501712/100/0/threaded

www.securityfocus.com/archive/1/501766/100/0/threaded

www.securityfocus.com/bid/34100

www.securitytracker.com/id?1021884

www.ubuntu.com/usn/usn-738-1

www.vupen.com/english/advisories/2010/0528

exchange.xforce.ibmcloud.com/vulnerabilities/49272

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360

www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html

7 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

34.7%

Related for CVE-2008-4316

fedora2 prion1 openvas29 nessus17 debian1 ubuntucve1 oraclelinux1 ubuntu1 suse2 debiancve1 redhat1 slackware1 gentoo1 securityvulns2 seebug1 vmware2