Fluid Attacks Database

Description

Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	glib2.0	>=0 <2.20.0-1	2.20.0-1
debian 12	glib2.0	>=0 <2.20.0-1	2.20.0-1
debian 13	glib2.0	>=0 <2.20.0-1	2.20.0-1
debian 14	glib2.0	>=0 <2.20.0-1	2.20.0-1
rpm rhel5	glib2	<0:2.12.3-4.el5_3.1	0:2.12.3-4.el5_3.1

Aliases

1. CVE-2008-43162. NVD-2008-43163. OSV-DEBIAN-2008-43164. OSV-2008-43165. SECURITY-TRACKER-CVE-2008-4316

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.