CVE-2008-4316

Published: 14 March 2009

Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.

Priority

Medium

Status

Package Release Status
glib2.0
Launchpad, Ubuntu, Debian
Upstream
Released (2.20)

Notes

AuthorNote
jdstrand
vulnerable code does not exist in Ubuntu 6.06 (code not added until
2.12)

References