CVE-2010-0409

Common Vulnerabilities and Exposures

Upstream information

CVE-2010-0409 at MITRE

Description

Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h in GMime before 2.4.15 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via input data for a uuencode operation.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 576923

SUSE Security Advisories:

SUSE-SR:2010:006, published Mon, 15 Mar 2010 11:11:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 11.2	`gmime-2_4-debuginfo >= 2.4.8-2.5.1` `gmime-2_4-debugsource >= 2.4.8-2.5.1` `libgmime-2_4-2-debuginfo >= 2.4.8-2.5.1`
openSUSE 11.2	`gmime-2_4 >= 2.4.8-2.5.1` `gmime-2_4-devel >= 2.4.8-2.5.1` `gmime-2_4-doc >= 2.4.8-2.5.1` `gmime-2_4-sharp >= 2.4.8-2.5.1` `libgmime-2_4-2 >= 2.4.8-2.5.1`
SUSE Linux Enterprise 11 GA DEBUGINFO	`gmime-debuginfo >= 2.2.23-1.41.1` `gmime-debugsource >= 2.2.23-1.41.1`	sle11-sdk.s390x sled11.x86 sles11.s390x sle11-sdk.ia64 sles11.ppc sle11-debuginfo.ia64 sles11.x86 sle11-debuginfo.s390x sle11-sdk.ppc sles11.ia64 sle11-debuginfo.x86-64 sle11-debuginfo.ppc sle11-debuginfo.x86 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.x86 sled11.x86-64 SAT Patch Nr: 1998
SUSE Linux Enterprise SDK 11 GA	`gmime-devel >= 2.2.23-1.41.1` `gmime-sharp >= 2.2.23-1.41.1`	sle11-sdk.s390x sled11.x86 sles11.s390x sle11-sdk.ia64 sles11.ppc sle11-debuginfo.ia64 sles11.x86 sle11-debuginfo.s390x sle11-sdk.ppc sles11.ia64 sle11-debuginfo.x86-64 sle11-debuginfo.ppc sle11-debuginfo.x86 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.x86 sled11.x86-64 SAT Patch Nr: 1998
SUSE Linux Enterprise SDK 11 GA	`gmime-devel >= 2.2.23-1.41.1`	sle11-sdk.s390x sled11.x86 sles11.s390x sle11-sdk.ia64 sles11.ppc sle11-debuginfo.ia64 sles11.x86 sle11-debuginfo.s390x sle11-sdk.ppc sles11.ia64 sle11-debuginfo.x86-64 sle11-debuginfo.ppc sle11-debuginfo.x86 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.x86 sled11.x86-64 SAT Patch Nr: 1998
SUSE Linux Enterprise Desktop 11 GA	`gmime >= 2.2.23-1.41.1` `gmime-sharp >= 2.2.23-1.41.1` `libgmime-2_0-3 >= 2.2.23-1.41.1`	sle11-sdk.s390x sled11.x86 sles11.s390x sle11-sdk.ia64 sles11.ppc sle11-debuginfo.ia64 sles11.x86 sle11-debuginfo.s390x sle11-sdk.ppc sles11.ia64 sle11-debuginfo.x86-64 sle11-debuginfo.ppc sle11-debuginfo.x86 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.x86 sled11.x86-64 SAT Patch Nr: 1998
SUSE Linux Enterprise Server 11 GA	`gmime >= 2.2.23-1.41.1` `gmime-doc >= 2.2.23-1.41.1` `libgmime-2_0-3 >= 2.2.23-1.41.1`	sle11-sdk.s390x sled11.x86 sles11.s390x sle11-sdk.ia64 sles11.ppc sle11-debuginfo.ia64 sles11.x86 sle11-debuginfo.s390x sle11-sdk.ppc sles11.ia64 sle11-debuginfo.x86-64 sle11-debuginfo.ppc sle11-debuginfo.x86 sle11-sdk.x86-64 sles11.x86-64 sle11-sdk.x86 sled11.x86-64 SAT Patch Nr: 1998
openSUSE 11.0	`gmime-debuginfo >= 2.2.18-28.2` `gmime-debugsource >= 2.2.18-28.2`
openSUSE 11.0	`gmime >= 2.2.18-28.2` `gmime-devel >= 2.2.18-28.2` `gmime-doc >= 2.2.18-28.2` `gmime-sharp >= 2.2.18-28.2` `libgmime-2_0-3 >= 2.2.18-28.2`
openSUSE 11.1	`gmime-debuginfo >= 2.2.23-1.31.1` `gmime-debugsource >= 2.2.23-1.31.1`
openSUSE 11.1	`gmime >= 2.2.23-1.31.1` `gmime-devel >= 2.2.23-1.31.1` `gmime-doc >= 2.2.23-1.31.1` `gmime-sharp >= 2.2.23-1.31.1` `libgmime-2_0-3 >= 2.2.23-1.31.1`
openSUSE 11.2	`gmime-debuginfo >= 2.2.23-4.5.1` `gmime-debugsource >= 2.2.23-4.5.1` `libgmime-2_0-3-debuginfo >= 2.2.23-4.5.1`
openSUSE 11.2	`gmime >= 2.2.23-4.5.1` `gmime-devel >= 2.2.23-4.5.1` `gmime-doc >= 2.2.23-4.5.1` `gmime-sharp >= 2.2.23-4.5.1` `libgmime-2_0-3 >= 2.2.23-4.5.1`