CVE-2009-3476

描述

Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.

受影響套件(3)

• Debian/opensamlfrom 0, < 3.0.0-2
• Debian/shibboleth-spfrom 0, < 3.0.2+dfsg1-2
• Debian/xmltoolingfrom 0, < 1.2.2-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-3476