Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Gentoo GLSA-200403-05 Normal: UUDeview MIME Buffer Overflow Risk

gentoo
Calendar Grey March 28, 2004
Dist Gentoo Esm H88
MIME documents could potentially take advantage of a stack overflow vulnerability in UUDeview, which might enable unauthorized code execution. It is advisable to apply updates.
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200403-05 ~ https://security.gentoo.org/ ~ Severity: Normal ~ Title: UUDeview MIME Buffer Overflow ~ Date: March 26, 2004 ~ Bugs: #44859 ~ ID: 200403-05

Synopsis ======= A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.
Background ========= UUDeview is a program which is used to transmit binary files over the Internet in a text-only format. It is commonly used for email and Usenet attachments. It supports multiple encoding formats, including Base64, BinHex and UUEncoding.
========== By decoding a MIME archive with excessively long strings for various parameters, it is possible to crash UUDeview, or cause it to execute arbitrary code.
This vulnerability was originally reported by iDEFENSE as part of a WinZip advisory [ Reference: 1 ].
Impact ===== An attacker could cre...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround