Novell Home

CVE-2008-6393

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-6393 at MITRE

Description

PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 479815

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 10.3
  • psi >= 0.10-26.2

© 2012 Novell