CVE-2008-4316
glib2.0 - arbitrary code execution
EPSS 0.50%
Description
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.
How to fix CVE-2008-4316
To remediate CVE-2008-4316, upgrade the affected package to one of the fixed versions listed below.
- Debian/glib2.0: upgrade to 2.20.0-1 or later
- Debian/glib2.0: upgrade to 2.12.4-2+etch1 or later
Is CVE-2008-4316 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.20.0-1
- from 0, < 2.12.4-2+etch1