VDB
CVE-2009-0585
CVE-2009-0585
PUBLISHED
CVSS 7.5 HIGH
Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.
EPSS 2.03% · 84.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
2.03%
84.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| joe_shaw | libsoup | 2.1, 2.23.1, 2.23.6 |
Timeline
- Mar 14, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- RHSA-2009:0344 vendor-advisory
- oval:org.mitre.oval:def:9599 vdb
- http://support.avaya.com/elmodocs2/security/ASA-2009-088.htm url
- MDVSA-2009:081 vendor-advisory
- [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows mailing-list
- 34100 vdb
- 35065 third-party-advisory
- libsoup-soupmisc-bo(49273) vdb
- 34310 third-party-advisory
- 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows mailing-list
- DSA-1748 vendor-advisory
- SUSE-SR:2009:010 vendor-advisory
- 34401 third-party-advisory
- http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff url
- USN-737-1 vendor-advisory
- 34337 third-party-advisory
- http://www.ocert.org/advisories/ocert-2008-015.html url
- https://nvd.nist.gov/vuln/detail/CVE-2009-0585 advisory
- https://access.redhat.com/errata/RHSA-2009:0344 url
- https://access.redhat.com/security/cve/CVE-2009-0585 url
…and 1 more