CVE-2009-0585

Publication date 14 March 2009

Last updated 24 July 2024

Ubuntu priority

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libsoup	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Fixed 2.2.100-1ubuntu0.1
	6.06 LTS dapper	Fixed 2.2.93-0ubuntu1.2
libsoup2.4	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-737-1
libsoup vulnerability
16 March 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-0585