CVE-2010-0409

Published: 08 February 2010

Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h in GMime before 2.4.15 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via input data for a uuencode operation.

Priority

Low

Status

Package Release Status
gmime
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(2.6.6-1)
gmime2.2
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

gmime2.4
Launchpad, Ubuntu, Debian
Upstream
Released (2.4.15)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Patches:
Upstream: http://ftp.gnome.org/pub/GNOME/sources/gmime/2.4/gmime-2.4.14-2.4.15.diff.gz