Your submission was sent successfully! Close

CVE-2009-3476

Published: 29 September 2009

Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.

Priority

Medium

Status

Package Release Status
opensaml
Launchpad, Ubuntu, Debian
Upstream
Released (1.1.3)
shibboleth-sp
Launchpad, Ubuntu, Debian
Upstream
Released (1.3.4)
xmltooling
Launchpad, Ubuntu, Debian
Upstream
Released (1.2.2-1)