Summary
The remote host is missing updates announced in
advisory SUSE-SA:2009:026.
Solution
Update your system with the packages as indicated in the referenced security advisory.
https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:026
Insight
The advisory was resent because the previous one contained the wrong Announcement ID.
The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings.
Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.
Severity
Classification
-
CVE CVE-2008-4316 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities